When tools that were created to help security teams simulate attacks are used by the attackers, you know there’s a problem. But that’s exactly what’s happened in recent news where the Brute Ratel C4 (BRc4) red-teaming and adversarial attack simulation tool was used by nation-state attackers to evade detection.
Read moreBlog
3 cybersecurity trends to watch
Posted on - by Carter Foster
Businesses are seeing a 50% increase in cyberattacks per week. That’s according to a report from Check Point Research, where companies reported a bump in cyberattacks during 2021. The increase is in line with a year-over-year trend of increasing attacks. Though 50% is a staggering figure, it is only 13% higher than Check Point’s 2020s findings.
Read more5 NDR best practices
Posted on - by Rick Jenssen
Threats today continue to endanger the security of the enterprise at an alarming rate. In fact, a recent report by Positive Technologies found that cybercriminals can penetrate 93% of company networks. And despite efforts to create robust security platforms, no single security solution will address all of the needs of the enterprise. A layered security strategy continues to be a best practice and the one most IT professionals prefer. As part of the strategy, Network Detection and Response (NDR) plays a pivotal role, as it has for many years. Before we dive into how best to implement an NDR program, let’s cover the history of this security solution.
Read moreGain observability by replicating network data streams
Posted on - by James Dougherty
The need for more telemetry data is real.
The word observability is being used quite a bit nowadays. I see it being used in discussions about SIEM tools. My guess is that you’ve heard it and have a general understanding that at its core the term refers to the collection of measurements, better known as telemetry. Telemetry data is extremely valuable for network monitoring, but the million-dollar question is why?
Read moreLeveraging MITRE ATT&CK and incident correlation to improve incident investigations
Posted on - by George Matthews
Increasingly complex cyber threats are pushing SOC analysts to ‘up their game’. It has become critical to quickly understand how an attacker has gained access, what techniques were used to breach your systems, where they have been, and what they have done. Capabilities such as Incident Correlation and leveraging the MITRE ATT&CK framework are being used to improve the SOC investigative processes.
Read more