Security Boulevard

FEBRUARY 13, 2023

In my more than ten years as a security analyst, engineer and now founder of a company that solves the challenges of security operations at scale, I’ve seen the successes and. The post The State of Threat Detection and Response appeared first on Security Boulevard.

Threat Detection 98

Threat Detection Engineering Security Awareness Cybersecurity 98

Anton on Security

DECEMBER 28, 2020

The debate focused on the role of context in threat detection. Specifically, it is about the role of local context (environment knowledge, organization context, site details, etc) in threat detection. Can threat detection work well without such local context? Now, some of you will say “yes, of course!”

Threat Detection 100

Threat Detection Malware Technology Engineering 100

The Last Watchdog

OCTOBER 23, 2023

Splunk’s inability to migrate to a modern cloud-native architecture makes it difficult to take advantage of these cost-saving benefits or implement advanced data science use cases critical for threat detection. Impactful analysis A decoupled, purpose-built threat detection platform can work across distributed data lake architectures.

Architecture 261

Architecture Threat Detection Engineering Data collection 261

Anton on Security

MAY 4, 2023

To me, this SIEM content and false positives debate is a micro instantiation of a much bigger debate: the paradox between consuming security and engineering security. They essentially want to consume security, rather than engineer it. No, Detection as COOKING!” “How How to Measure Threat Detection Quality for an Organization?”

Engineering 130

Engineering Threat Detection Education Software 130

CyberSecurity Insiders

DECEMBER 19, 2022

LinkedIn, a professional social networking platform having 20,000 employees serving about 874 million members, has bolstered its IT Infrastructure to protect against the prevailing sophistication driven cybersecurity threats. The post LinkedIn bolsters its cyber threat detection with Moonbase appeared first on Cybersecurity Insiders.

Threat Detection 95

Threat Detection Cyber threats Media Engineering 95

Anton on Security

APRIL 7, 2022

Top 5 overall “Confidentially Speaking“ “Data Security in the Cloud“ “Zero Trust: Fast Forward from 2010 to 2021“ “The Mysteries of Detection Engineering: Revealed! “ “Modern Threat Detection at Google“ Security Operations Center (SOC) “SOC in a Large, Complex and Evolving Organization” “EP58 SOC is Not Dead: How to Grow and Develop Your SOC for Cloud” (..)

Cloud Migration 189

Cloud Migration Threat Detection CISO Engineering 189

Anton on Security

OCTOBER 18, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. Incomplete, too high-level or overly specific data leads to long analysis time, bias and ultimately inconsistent detection quality and detection coverage gaps.

Engineering 130

Engineering Threat Detection Threat Reports Passwords 130

Duo's Security Blog

NOVEMBER 20, 2023

This group of English-speaking threat actors are known for launching sophisticated campaigns that can bypass weak MFA implementations, leveraging tactics such as SIM swapping, adversary-in-the-middle (AiTM) techniques, and social engineering to gain unauthorized access to organizations’ sensitive data.

Threat Detection 137

Threat Detection Authentication Accountability Data breaches 137

eSecurity Planet

JUNE 6, 2023

” Also read: Implementing and Managing Your SIEM Securely: A Checklist Detection Engineering Helping security analysts parse the data that comes in is also an ongoing challenge. To address that challenge, Gurucul is seeing the rise of detection engineering groups, Raja said.

Threat Detection 95

Threat Detection Engineering Architecture Cyber Attacks 95

Anton on Security

DECEMBER 20, 2021

Skills, Not Tiers” “Beware: Clown-grade SOCs Still Abound”” “Revisiting the Visibility Triad for 2020” Top 5 posts with the most Medium fans : “Security Correlation Then and Now: A Sad Truth About SIEM” “Beware: Clown-grade SOCs Still Abound” “Can We Have “Detection as Code”?” “Why Why Is Threat Detection Hard?” “A

Threat Detection 44

Threat Detection Cloud Migration Encryption Engineering 44

The Last Watchdog

MARCH 31, 2022

The good news is, artificial intelligence is here and is showing great promise to deliver what the market needs, that is, pre-emptive and proactive threat detection. The TCU is designed as a stand-alone processor that will reside on a motherboard next to a CPU, GPU or other compute engine.

Artificial Intelligence 229

Artificial Intelligence Threat Detection Engineering Software 229

CyberSecurity Insiders

NOVEMBER 3, 2021

Reversing binaries is an essential skill if you want to pursue a career as exploit developer, reverse engineer or programming. ” The post Reversing a binary using GDB: tutorial for Reverse Engineers appeared first on Cybersecurity Insiders. This blog was written by an independent guest blogger.

Engineering 127

Engineering Software Threat Detection Cyber threats 127

SecureWorld News

NOVEMBER 8, 2023

Social engineering attacks have long been a threat to businesses worldwide, statistically comprising roughly 98% of cyberattacks worldwide. Given the much more psychologically focused and methodical ways that social engineering attacks can be conducted, it makes spotting them hard to do.

Social Engineering 95

Social Engineering Engineering Cyber Attacks Artificial Intelligence 95

Anton on Security

SEPTEMBER 16, 2021

Skills, Not Tiers” “Beware: Clown-grade SOCs Still Abound”” “New Paper: “Future of the SOC: Forces shaping modern security operations”” Top 5 posts with the most Medium fans : “Security Correlation Then and Now: A Sad Truth About SIEM” “Beware: Clown-grade SOCs Still Abound” “Can We Have “Detection as Code”?” “Why Now, posts by topic.

Threat Detection 42

Threat Detection Cloud Migration Encryption Engineering 42

Anton on Security

AUGUST 30, 2021

The evolution of security operations in general and SOCs in particular is heavily dependent on a drive towards an engineering-first mindset while operating modern, more secure systems at large scale. Try spending the remaining 50% on improving systems and detections with an “automate-first”, engineering mindset.

Engineering 273

Engineering Marketing Education Threat Detection 273

The Hacker News

FEBRUARY 24, 2021

New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. "A

Social Engineering 142

Social Engineering Antivirus Threat Detection Engineering 142

The Last Watchdog

JUNE 10, 2024

June 10, 2024, CyberNewsWire — AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced that it has started selling its paid threat detection data from its CTI search engine ‘ Criminal IP ‘ on the Snowflake Marketplace. Torrance, Calif.,

Cyber threats 147

Cyber threats Threat Detection Engineering Media 147

SecureWorld News

OCTOBER 3, 2023

And one of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential information. Social engineering is more sophisticated than ever, and its most advanced iteration is the topic of today's discussion: deepfakes.

Social Engineering 92

Social Engineering Phishing Engineering Technology 92

Anton on Security

MARCH 3, 2022

“Why Is Threat Detection Hard?” “A Episode 17 “Modern Threat Detection at Google” Random fun new posts: “Anton and The Great XDR Debate, Part 3” “Left of SIEM? Security operations / detection & response: “Security Correlation Then and Now: A Sad Truth About SIEM” “Can We Have “Detection as Code”?”

Threat Detection 189

Threat Detection Cloud Migration Encryption Engineering 189

SecureWorld News

FEBRUARY 15, 2024

The hackers rely heavily on social engineering tactics to distribute the malware. Education on verifying app downloads, MFA, advanced threat detection, encrypted communications, and tighter mobile device management controls can all contribute to protecting users.

Social Engineering 80

Social Engineering Mobile Authentication Engineering 80

Security Boulevard

OCTOBER 15, 2021

Aqua Security this week at the Kubecon + CloudNativeCon North America conference added a cloud-native detection and response (CNDR) capability to its open source Tracee software-based platform. The post Aqua Security Uses eBPF to Extend Security Platform appeared first on Security Boulevard.

Threat Detection 126

Threat Detection Engineering Software Cybersecurity 126

Anton on Security

SEPTEMBER 27, 2024

Beware: Clown-grade SOCs Still Abound Detection Engineering is Painful — and It Shouldn’t Be (Part 1) [now a 10 post series, not yet finished…] Why is Threat Detection Hard? Revisiting the Visibility Triad for 2020” “ Beware: Clown-grade SOCs Still Abound ” “Why is Threat Detection Hard?” “A

Cloud Migration 130

Cloud Migration Threat Detection Digital transformation CISO 130

The Last Watchdog

OCTOBER 17, 2023

SOAR uses the output of detection engines and investigations and recommends workflows or playbooks to build a response plan, saving time and effort. Early SIEMs were log management and compliance tools, they were never built to address real-time threat detection and response.

Marketing 306

Marketing Cloud Migration Threat Detection Firewall 306

The Last Watchdog

NOVEMBER 11, 2024

It could also help users identify various cybersecurity attacks, whether they are types of spoofing , phishing, social engineering, or malware. Waqas Apart from the training aspect, AR technology can also be used to enhance threat detection in real-time.

Cybersecurity 130

Cybersecurity Social Engineering Technology Threat Detection 130

CyberSecurity Insiders

FEBRUARY 26, 2022

Over the past decade, threat detection has become business-critical and even more complicated. As businesses move to the cloud, manual threat detection processes are no longer able to keep up. The answer lies in treating threat detections like software or detection-as-code.

Threat Detection 126

Threat Detection Engineering Software Cybersecurity 126

CyberSecurity Insiders

AUGUST 5, 2021

The financial terms of the deal are yet to be known, but reports are in that the deal only includes assets belonging to the cyber arm of the Applied Engineering Solutions (aeSolutions) and not other businesses. Root9B a threat detection service provider that will be integrated into Deloitte’s Fusion Managed Security Service.

Cybersecurity 133

Cybersecurity Threat Detection Government Technology 133

CyberSecurity Insiders

NOVEMBER 19, 2021

The ETP app is capable of grabbing a range of ETP events—including threat, AUP (Acceptable User Policy), DNS activity, network traffic, and proxy traffic events—and feeding them into the robust USM Anywhere correlation engine for threat detection and enrichment. Voice of the vendor.

Threat Detection 132

Threat Detection Engineering DNS Architecture 132

Anton on Security

NOVEMBER 6, 2023

The second part of the answer would be to outline the type of an organization that would very much prefer the decoupled SIEM where the best collection and modern storage somehow harmoniously work with the best threat detection and response content. Anything else to add?

Engineering 245

Engineering Data collection Threat Detection Technology 245

Anton on Security

FEBRUARY 10, 2021

SOC Threat Coverage Analysis?—?Why/How? As I mentioned in Detection Coverage and Detection-in-Depth , the topic of threat detection coverage has long fascinated me. Do I know what threats I want to detect? Threat assessment process will answer that.

Threat Detection 113

Threat Detection Engineering 113

Anton on Security

NOVEMBER 1, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. Operating Model 1: CTI Feeds SOC / Detection Engineering Some organizations have a clearly defined and separate CTI team, which supplies information to different teams, functions and recipients.

Engineering 147

Engineering Architecture Cyber threats Threat Detection 147

Security Affairs

MARCH 22, 2021

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. In H2 2020, 39.3%

Engineering 144

Engineering VPN Accountability Software 144

Penetration Testing

OCTOBER 19, 2024

A new and dangerous social engineering tactic, dubbed ClickFix, has emerged as a significant cybersecurity threat in 2024, according to a recent report from the Sekoia Threat Detection & Research... The post Beware of Fake Google Meet Invites: ClickFix Campaign Spreading Infostealers appeared first on Cybersecurity News.

Social Engineering 88

Social Engineering Threat Detection Engineering Cybersecurity 88

The Last Watchdog

OCTOBER 7, 2024

7, 2024, CyberNewswire — Criminal IP , a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA , has partnered with Hybrid Analysis , a platform that provides advanced malware analysis and threat intelligence, to enhance threat research. Torrance, Calif.,

Malware 130

Malware Engineering Cyber threats Phishing 130

Security Boulevard

SEPTEMBER 28, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#3 in the series), we will start to define and refine our detection engineering machinery to avoid the problems covered in Parts 1 and 2. Stay tuned!

Engineering 64

Engineering Education Government Threat Detection 64

Anton on Security

JULY 20, 2022

Let’s continue our fun conversation on threat detection in the cloud that we started in “Who Does What In Cloud Threat Detection?” and “How to Think about Threat Detection in the Cloud” and continued somewhat in “Detection as Code? No, Detection as COOKING!” or even goodness in detection.

Threat Detection 100

Threat Detection Cloud Migration Engineering Technology 100

CyberSecurity Insiders

FEBRUARY 1, 2022

In the future, quantum computing has the potential to contribute to finance, military intelligence, pharmaceutical development, aerospace engineering, nuclear power, 3D printing, and so much more. Implement managed threat detection. What are the security risks?

Risk 134

Risk Social Engineering Threat Detection Encryption 134

Anton on Security

AUGUST 9, 2023

“New Paper: “Future of the SOC: SOC People — Skills, Not Tiers” ” “Revisiting the Visibility Triad for 2020” “A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” “Why is Threat Detection Hard?” Why Is Threat Detection Hard?” What Does This Even Mean?!” “How

Threat Detection 130

Threat Detection Cloud Migration Encryption CISO 130