Event and Threat Detection - Cyber Security Informer

Threat Detection Software: A Deep Dive

CyberSecurity Insiders

APRIL 27, 2022

As the threat landscape evolves and multiplies with more advanced attacks than ever, defending against these modern cyber threats is a monumental challenge for almost any. Threat detection is about an organization’s ability to accurately identify threats, be it to. on your systems, threat detection is impossible.

Threat Detection

Threat Detection Software Technology Engineering

On Threat Detection Uncertainty

Anton on Security

NOVEMBER 3, 2020

My post “Why is Threat Detection Hard?” In this post, I wanted to explore a seemingly obvious, while surprisingly fascinating aspect of detection: uncertainty. Let’s start our journey with exploring the classic fallacy, “if you can detect [the threat], why can’t you prevent it?” Uncertainty? OK, you want to argue?

Threat Detection

Threat Detection Information Security Cybersecurity

Why is Threat Detection Hard?

Anton on Security

OCTOBER 7, 2020

While creating a recent presentation, I needed a slide on “threat detection is hard.” And it got me thinking, why is threat detection so hard for so many organizations today? This means we are “celebrating” ~35 years of cyber threat detection. This does make detection even harder. Action items?

Threat Detection

Threat Detection Cyber threats Technology Security Awareness

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Google introduces Context-Aware Cyber Threat detection to Chronicle

CyberSecurity Insiders

MARCH 16, 2022

Google Cloud might think of delivering end-to-end security to its enterprise customers and so introduced Context-aware threat detection to its Chronicle platform. The availability of the context-aware threat detection on Chronicle is yet to be made official but is expected to be released by September this year.

Threat Detection

Threat Detection Cyber threats Cryptocurrency Cybersecurity

Accurate and Reliable Threat Detection for your Security Program

Cisco Security

MARCH 19, 2021

Accurate threat detection – reliability vs liability. Accurate threat detection is a difficult subject. Does the quantity of detections supersede the quality? C-Suite has become hyper-aware of cybersecurity events. This is not a comfortable position to be in during an emergency.

Threat Detection

Threat Detection Data breaches Cybersecurity

Response to CISA Advisory (AA24-234A): Strengthening Defenses Through Effective Event Logging and Threat Detection

Security Boulevard

AUGUST 23, 2024

In response to the recent CISA Advisory (AA24-234A) outlining best practices for event logging and threat detection, AttackIQ, in alignment with CISA’s guidance, strongly encourages organizations to engage in continuous testing against known, real-world adversary behaviors and TTPs through rigorous security control validation.

Threat Detection

Threat Detection Cybersecurity

Q&A: Why SOAR startup Syncurity is bringing a ‘case-management’ approach to threat detection

The Last Watchdog

MARCH 1, 2019

There is a gaping shortage of analysts talented enough to make sense of the rising tide of data logs inundating their SIEM (security information and event management) systems. In many cases the tedious, first-level correlating of SIEM logs to sift out threats has moved beyond human capability. But this hasn’t done the trick.

Threat Detection

Threat Detection Digital transformation Marketing Firewall

15+ Years of Loading Threat Intel into SIEM: Why Does This Still Suck?

Anton on Security

FEBRUARY 6, 2025

Another choice was to write simple atomic rules on obviously bad single events ( IF event_type = logs_deleted THEN alert ). Detections involved the patterns we observed (rarely, but we did have honeypots and IR ), hypothesized (more often) and sometimes made up in the lab.

Threat Detection

Threat Detection Engineering

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Despite widespread cloud adoption, most SecOps teams rely on outdated, on-premises alert tools, leading to missed threats and wasted resources on false positives. Key applications include automated phishing detection, real-time behavior analysis, and intelligent event correlation across channels, enhancing efficiency and impact.

Risk

Risk Threat Detection Technology Phishing

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

The Last Watchdog

MAY 16, 2022

This complexity can be compounded by the effects of world events like COVID-19 or a war, resulting in manufacturing slowdowns and lockdowns. Such events have led to parts shortages that force the use of older and less-secure replacement parts to meet schedules, which emphasizes the need for innovation and for additional suppliers.

Cyber Attacks

Cyber Attacks Firmware Artificial Intelligence Manufacturing

BrandPost: Gain Full Visibility for Threat Detection and Response with Deep Packet Inspection

CSO Magazine

OCTOBER 12, 2022

DPI tools, as opposed to NetFlow-based tools, provide the most meaningful content possible in threat detection and response. A network detection and response (NDR) solution is the only way to expose bad actors and can work in conjunction with other tools such to increase the strength of your security stack.

Threat Detection

Threat Detection Firewall Internet Internet

The Role and Benefits of AI in Cybersecurity

SecureWorld News

APRIL 13, 2025

To make digital systems more resilient to malicious activities, AI functions by using its key technologies that detect, prevent, and respond to threats. Machine learning (ML): It allows systems to analyze vast amounts of data, recognize patterns, and improve threat detection over timewithout needing constant human intervention.

Cybersecurity

Cybersecurity Artificial Intelligence Threat Detection Cyber threats

3 Essential Elements of an Identity Threat Detection and Response (ITDR) Strategy

Security Boulevard

JULY 21, 2023

Identity threat detection and response (IDTR) equips enterprises to protect digital identities along with the identity systems that manage them. And it's why identity threat detection and response (ITDR) should be part of every enterprise's security strategy. Digital identity data is a cybercriminal's favorite target.

Threat Detection

Threat Detection Passwords Authentication Accountability

USENIX Security ’23 – DISTDET: A Cost-Effective Distributed Cyber Threat Detection System

Security Boulevard

AUGUST 12, 2024

Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel. Permalink The post USENIX Security ’23 – DISTDET: A Cost-Effective Distributed Cyber Threat Detection System appeared first on Security Boulevard.

Threat Detection

Threat Detection Cyber threats Network Security

Five Ways to Configure a SIEM for Accurate Threat Detection

eSecurity Planet

JUNE 6, 2023

A security information and event management (SIEM) system is about as complicated as a security tool can get, pulling in log and threat data from a wide range of sources to look for signs of a cyber attack. Not surprisingly, they can be challenging to manage.

Threat Detection

Threat Detection Engineering Architecture Cyber Attacks

GUEST ESSAY: Deploying ‘XDR’ can help companies avoid the security ‘vendor-silo’ trap

The Last Watchdog

MAY 25, 2022

XDR is one of the latest acronyms to hit the cyber dictionary, and it is a new approach to threat detection and response. With cyberattacks growing year-on-year, organizations simply do not have the manpower or resources to combat threats. To bridge the gap, holes are plugged with new security products.

Digital transformation

Digital transformation Threat Detection Architecture Cybersecurity

SHARED INTEL Q&A: Everything the Cisco-Splunk merger tells us about the rise of SIEMs

The Last Watchdog

OCTOBER 17, 2023

Combining a security Information tool with a security event tool made it easier to correlate alerts generated by security products, like firewalls and IDS, normalize it, and then analyze it to identify potential risks. Nayyar: : The transition from SIM to SIEM was born out of necessity. What’s the most important thing to keep in mind?

Marketing

Marketing Cloud Migration Threat Detection Firewall

Why Traditional Security Tools Fail to Detect Breaches [+ 4 Examples]

Security Boulevard

MARCH 6, 2025

The post Why Traditional Security Tools Fail to Detect Breaches [+ 4 Examples] appeared first on Security Boulevard.

Threat Detection

Threat Detection Cybersecurity

Krispy Kreme Cyber Attack a Wake-Up Call for the Food Industry

SecureWorld News

MARCH 17, 2025

The timing of the attack, just ahead of a major promotional event, appears designed to disrupt critical revenue streams and shake consumer confidence. AI-driven threat detection Implementing AI-driven threat detection allows your organization to analyze enormous volumes of data in real-time.

Cyber Attacks

Cyber Attacks Digital transformation Threat Detection Penetration Testing

News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance

The Last Watchdog

JANUARY 27, 2025

Media contact: Kathryn Brown, Director of Global Strategic Communications and Events, INE Security, kbrown@ine.com The post News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 demands a structured approach to implementation and preparation. compliance first appeared on The Last Watchdog.

Password Management

Password Management Architecture Threat Detection Cybersecurity

Stories from the SOC – Data exfiltration

CyberSecurity Insiders

OCTOBER 11, 2021

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Events Search. Upon looking into event logs of the alarm, another IOC < forum[.]comeback[.]pw

Threat Detection

Threat Detection Cybersecurity Malware Cyber threats

SIEM for Small and Medium-Sized Enterprises: What you need to know

Security Affairs

SEPTEMBER 19, 2024

Security Information and Event Management (SIEM) solutions are a great way to achieve this. What is SIEM (Security Information and Event Management)? Powerful Threat Detection SIEM solutions correlate security event information in real time and compare it to threat intelligence feeds to detect known and suspected cybersecurity threats.

Threat Detection

Threat Detection Identity Theft Banking Small Business

News alert: Hunters announces ‘Pathfinder AI’ to enhance detection and response in SOC workflows

The Last Watchdog

MARCH 4, 2025

To stay ahead of evolving threats, SOCs need two key AI-driven capabilities: Copilot AI Enhances analyst workflows with automated data analysis, report generation, and guided investigations. Agentic AI Delivers autonomous threat detection, investigation, and response, reducing manual workloads and accelerating decision-making.

Threat Detection

Threat Detection Cyber threats Media

The SIEM Buyer’s Guide

Tech Republic Security

OCTOBER 30, 2023

With a data-driven, modern security information and event management (SIEM) solution, your organization can strengthen cybersecurity, drive resilience and unlock innovation across cloud, multicloud and hybrid environments. Accelerate threat detection and investigation.

Threat Detection

Threat Detection Cybersecurity

Managed detection and response in 2024

SecureList

FEBRUARY 20, 2025

Kaspersky Managed Detection and Response service (MDR) provides round-the-clock monitoring and threat detection, based on Kaspersky technologies and expertise. The annual MDR analyst report presents insights based on the analysis of incidents detected by Kaspersky’s SOC team. What methods are they using today?

Social Engineering

Social Engineering Phishing Government Threat Detection

WHAT IS A SIEM, AND WHY SHOULD YOU HAVE ONE?

The State of Security

JULY 20, 2021

SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device.

Threat Detection

Threat Detection InfoSec

Stories from the SOC – WannaCry malware

CyberSecurity Insiders

JANUARY 31, 2022

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Events search. Event deep dive. Executive summary. Expanded investigation.

Malware

Malware Threat Detection Firewall Encryption

The rising role of cloud-based SIEM in MDR: What MSPs need to know

Webroot

FEBRUARY 11, 2025

One key takeaway from the survey: 81% of respondents rated cloud-based SIEM (security information and event management) as important to include in their MDR solution. Because for MSPs delivering MDR services, its the backbone that makes scalability, visibility, central and efficient threat management possible.

Threat Detection

Threat Detection Technology Cyber threats Risk

Cisco Joins the Launch of Amazon Security Lake

Cisco Security

NOVEMBER 29, 2022

With support for the Open Cybersecurity Schema Framework (OCSF) standard, Security Lake reduces the complexity and costs for customers to make their security solutions data accessible to address a variety of security use cases such as threat detection, investigation, and incident response. eNcore Client OCSF Implementation.

Firewall

Firewall Threat Detection Engineering Passwords

Every month should be Cybersecurity Awareness Month!

CyberSecurity Insiders

OCTOBER 26, 2021

The most recent story is about detecting and remediating data exfiltration in our SOC for a customer. Upon the acknowledgment of the alarm, the SOC was able to research correlating events and provide the customer a detailed explanation of what took place within the customer environment thus aiding in the proactive mitigation of this threat.

Cybersecurity

Cybersecurity Threat Detection Energy and Utilities Ransomware

Webroot managed detection and response (MDR) purpose-built for MSPs

Webroot

JUNE 2, 2022

MDR is an approach to proactively manage threats and malicious activity that empowers organizations to become more cyber resilient. MDR services offer threat detection and response capabilities by augmenting cybersecurity tools with human security intelligence. Ransomware, malware and phishing threats keep evolving.

Threat Detection

Threat Detection Cyber Insurance Small Business Insurance

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

SecureWorld News

JANUARY 7, 2025

Join us in this magical confluence of old wisdom and new technology, where "once upon a time" meets "real-time threat detection," and where the moral of every story is a stronger, safer digital kingdom. Check out our full slate of in-person and virtual events for 2025.

Cybersecurity

Cybersecurity Social Engineering Phishing Engineering

Understanding Identity Acronyms: What Are ISPM & ITDR?

Duo's Security Blog

JULY 25, 2024

Given the complexity of policy, even the most advanced teams struggle to deploy, maintain and assess a strong access management policy posture standard that helps mitigate threats while also supporting a productive business. What is ITDR, or Identity Threat Detection & Response? Why is ITDR & ISPM important?

Threat Detection

Threat Detection Risk Architecture Artificial Intelligence

Do You Trust Your SIEM?

Anton on Security

OCTOBER 21, 2021

trust the event taxonomies if their lives and breach detections depend on it.” Specifically, as a bit of a throwaway comment, I said “people write stupid string-matching and regex-based content because they trust it. They do not?—?en en masse?—?trust This post is an exploration of that theme.

Passwords

Passwords Threat Detection Cybersecurity

Enhancing security with Microsoft’s expanded cloud logs

IT Security Guru

MARCH 4, 2025

Now, realising the necessity for further strengthening defences, CISA has emphasised the transformative potential of Microsofts expanded cloud logs for proactive threat detection and provided guidance in the playbook. This empowers faster identification of unauthorised email access, unusual searches and potential insider threats.

Government

Government Threat Detection Technology Cyber threats

New Advanced AlienApps for Akamai ETP and Akamai EAA help streamline threat management

CyberSecurity Insiders

NOVEMBER 19, 2021

The ETP app is capable of grabbing a range of ETP events—including threat, AUP (Acceptable User Policy), DNS activity, network traffic, and proxy traffic events—and feeding them into the robust USM Anywhere correlation engine for threat detection and enrichment.

Threat Detection

Threat Detection Engineering DNS Architecture

NFL Teams Up with Cisco to Secure Super Bowl LVI

Cisco Security

FEBRUARY 15, 2022

Since it’s a live event, 100 percent uptime is imperative for the Super Bowl, ensuring fans don’t miss a moment of the action. The Super Bowl is the largest sporting and television event in the United States, with nearly 100 million viewers. Securing an event of this magnitude can be quite a challenge.

Firewall

Firewall Technology Malware Network Security

Fortifying Cybersecurity: Agentic Solutions by Microsoft and Partners

eSecurity Planet

MARCH 25, 2025

The Alert Triage Agents in Microsoft Purview: They streamline the investigation of data loss prevention and insider risk alerts by automatically prioritizing incidents and learning from administrative feedback, ensuring continuous refinement in threat detection.

Cybersecurity

Cybersecurity Phishing Threat Detection Data breaches

Cynet 360 XDR Review: Features & Benefits

eSecurity Planet

SEPTEMBER 24, 2021

If May’s endpoint detection and response (EDR) MITRE evaluations weren’t proof enough, Cynet’s flagship platform – also featuring XDR and MDR capabilities – continues to receive industry recognition. Cynet 360 is the all-in-one platform for Cynet’s threat detection and response (DR) technology for networks in need of advanced protection.

Threat Detection

Threat Detection Engineering Antivirus Cybersecurity

GUEST ESSAY: The case for engaging in ‘threat hunting’ — and how to do it effectively

The Last Watchdog

DECEMBER 26, 2018

One of the most commonly used tools for threat hunting, however is security information and event management (SIEM). SIEM technology works by capturing and correlating network data such as event logs and looking for patterns of malicious behavior. SIEMs vs. UEBAs. Patience, persistence required.

Penetration Testing

Penetration Testing Technology Software Antivirus

What are you missing when you don’t enable global threat alerts?

Cisco Security

MARCH 24, 2021

All detections are presented in a context-rich manner, which gives users the ability to drill into the specific security events that support the threat detections grouped eventually into alerts. This is where global threat alerts saves you time, investigating alerts and accelerating resolution.

Threat Detection

Threat Detection Encryption Malware Risk

11 top XDR tools and how to evaluate them

CSO Magazine

JANUARY 9, 2023

The scale of modern enterprise computing and modern application stack architecture requires security tools that can bring visibility into the security posture of modern IT components and integrate tightly to bring real-time threat detection, possibly even automating aspects of threat mitigation. What is XDR and what does it do?

Architecture

Architecture Threat Detection

Standing Up a Defense Network for Black Hat: A Herculean Feat

SecureWorld News

AUGUST 7, 2024

The annual Black Hat conference, happening this week in Las Vegas, is renowned not only for its cutting-edge presentations and workshops but also for its robust cybersecurity measures that protect the large event from malicious threat actors. This includes firewalls, intrusion detection systems (IDS), and monitoring tools.

Firewall

Firewall Cybersecurity Threat Detection Cyber threats

Stories from the SOC – Inactive Account Exploitation

CyberSecurity Insiders

JANUARY 24, 2022

Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Events search. Event deep dive. Executive summary. Expanded investigation.

Accountability

Accountability Threat Detection Cybersecurity Cyber threats

Threat Detection Software: A Deep Dive

On Threat Detection Uncertainty

Webinars

Trending Sources

Why is Threat Detection Hard?

Webinars

Google introduces Context-Aware Cyber Threat detection to Chronicle

Accurate and Reliable Threat Detection for your Security Program

Response to CISA Advisory (AA24-234A): Strengthening Defenses Through Effective Event Logging and Threat Detection

Q&A: Why SOAR startup Syncurity is bringing a ‘case-management’ approach to threat detection

15+ Years of Loading Threat Intel into SIEM: Why Does This Still Suck?

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

BrandPost: Gain Full Visibility for Threat Detection and Response with Deep Packet Inspection

The Role and Benefits of AI in Cybersecurity

3 Essential Elements of an Identity Threat Detection and Response (ITDR) Strategy

USENIX Security ’23 – DISTDET: A Cost-Effective Distributed Cyber Threat Detection System

Five Ways to Configure a SIEM for Accurate Threat Detection

GUEST ESSAY: Deploying ‘XDR’ can help companies avoid the security ‘vendor-silo’ trap

SHARED INTEL Q&A: Everything the Cisco-Splunk merger tells us about the rise of SIEMs

Why Traditional Security Tools Fail to Detect Breaches [+ 4 Examples]

Krispy Kreme Cyber Attack a Wake-Up Call for the Food Industry

News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance

Stories from the SOC – Data exfiltration

SIEM for Small and Medium-Sized Enterprises: What you need to know

News alert: Hunters announces ‘Pathfinder AI’ to enhance detection and response in SOC workflows

The SIEM Buyer’s Guide

Managed detection and response in 2024

WHAT IS A SIEM, AND WHY SHOULD YOU HAVE ONE?

Stories from the SOC – WannaCry malware

The rising role of cloud-based SIEM in MDR: What MSPs need to know

Cisco Joins the Launch of Amazon Security Lake

Every month should be Cybersecurity Awareness Month!

Webroot managed detection and response (MDR) purpose-built for MSPs

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

Understanding Identity Acronyms: What Are ISPM & ITDR?

Do You Trust Your SIEM?

Enhancing security with Microsoft’s expanded cloud logs

New Advanced AlienApps for Akamai ETP and Akamai EAA help streamline threat management

NFL Teams Up with Cisco to Secure Super Bowl LVI

Fortifying Cybersecurity: Agentic Solutions by Microsoft and Partners

Cynet 360 XDR Review: Features & Benefits

GUEST ESSAY: The case for engaging in ‘threat hunting’ — and how to do it effectively

What are you missing when you don’t enable global threat alerts?

11 top XDR tools and how to evaluate them

Standing Up a Defense Network for Black Hat: A Herculean Feat

Stories from the SOC – Inactive Account Exploitation

Stay Connected