Threat Detection

Securonix, Inc., a leader in modern SIEM, announced an analytics and threat hunting content package that leverages the MITRE ATT&CK framework as a standard for predicting, detecting and investigating advanced cyber threats. The updated content includes 350+ use cases that are mapped to 100+ MITRE ATT&CK and PRE-ATT&CK techniques. The content will be integrated into the Securonix threat library version 6.3 for automated delivery and deployment to existing and new customers. Cyber security today is...

Research from Gurucul has uncovered 74 per cent of companies are being driven to actively take steps to mitigate security risks posed by third party vendors following recent breaches. The study also found that Managed Service Providers (MSPs) are the biggest third-party concern amongst IT security professionals, ahead of systems integrators and developers. Gartner has recently predicted that managed and subscription-based security services will account for half of all cyber-security spending by 2020, highlighting the...

With this latest integration, joint customers can now leverage the Flashpoint API to import Finished Intelligence reports, Risk Intelligence Observables (RIOs), and Technical Indicators into ThreatConnect. The ThreatConnect Platform provides a central place for users to see and analyse their team’s threat intelligence and then take well-informed, decisive action. The Flashpoint API grants users access to intelligence reports, technical data, and uniquely sourced conversations from illicit threat communities. Vice President of Product at ThreatConnect, Andy...

Kaspersky researchers detected 16,017 new ransomware modifications in Q2 2019 – including ones belonging to eight new malware families. This is more than double the number of new samples detected a year ago, in Q2 2018 (7,620). The Kaspersky IT Threat Evolution Q2 2019 report also highlights that more than 230,000 users were attacked during the quarter, along with other key findings. A Trojan-Ransom can be equally successful in both private and corporate attacks, as...

The misuse of legitimate security tools by criminals and state-sponsored actors has been a dilemma for close to two decades. Penetration-testing software and red-teaming frameworks were built for the purpose of testing the defences of enterprise networks, but that hasn’t stopped individuals and collectives with malicious intent from pirating or hacking these tools and using them to nefarious ends. Cobalt Strike is one such tool that is being widely abused, and if your organisation has...

Now security operations centers (SOC) and managed security service providers (MSSPs) can benefit from a comprehensive solution including detection, investigation, and automated response that delivers significant boosts in effectiveness and productivity. Despite the intuitive coupling of automated response with advanced, machine-learning detection, the SOAR (security, orchestration, automated response) solutions available on the market typically fall short of offering both functionalities. “Talk about scaling the SOC often seems to involve a connected series of fools’ errands,”...

Forescout Technologies, Inc. (NASDAQ: FSCT), the leader in device visibility and control, today announced its continued investment in OT security with the release of SilentDefense 4.0. Building on one of the most advanced and mature OT network monitoring and intelligence platform, Forescout’s latest enhancements will provide enterprises with improved productivity, lower risk profiles and faster mitigation of threats. “The convergence of IT and OT is increasing the complexity and vulnerability of previously isolated ICS networks,”...

A perfect storm of regulation, increased threats and technological complexity is overwhelming cyber security decision makers, reveals new research from Symantec (NASDAQ: SYMC). Four in five (82 percent) security leaders across France, Germany and the UK report feeling burned out, whilst just under two-thirds (63 percent) think about leaving the industry or quitting their job (64 percent). Surveying 3,045 cyber security decision makers across the across France, Germany and the UK, the research - conducted...

Alert Logic, the SIEMless Threat Management™ company, has today announced that it has added a new extended endpoint protection capability along with other new capabilities for anti-virus integration, log collection and search for Office 365, Microsoft Azure Event Hubs integration, user behaviour anomaly detection for Amazon Web Services (AWS) environments, and dark web scanning. This expanded attack surface coverage enriches Alert Logic’s offering with even greater detection and protection support along with enhanced visibility across...

Adaptiva, a leading, global provider of endpoint management and security solutions for enterprise customers, today launched a new endpoint compliance and vulnerability management product, Evolve VM™. Evolve VM harnesses Adaptiva's industry-leading peer-to-peer technology to automatically detect and remediate thousands of vulnerabilities on a massive scale and at the fastest speeds possible. The company will unveil Evolve VM at RSA Conference ! 2019, being held March 4-8 at Moscone Center in San Francisco. Evolve VM leverages...