Detection
How to Stay One Step Ahead of Data Breaches and Master Cloud Threat Detection
Implementing a cloud threat detection system enhances your team's ability to maintain a strong security posture without significant overhead ...
Security Boulevard
Prioritization of the Detection Engineering Backlog
Joshua Prager | Cybersecurity, Detection, detection-engineering, Threat Hunting, Threat Intelligence
Written by Joshua Prager and Emily Leidy. Introduction: Strategically maturing a detection engineering function requires us to divide the overall function into smaller discrete problems. One such seemingly innocuous area of detection engineering is the ...
On Detection: Tactical to Functional
Part 7: Synonyms. “Experience is forever in motion, ramifying and unpredictable. In order for us to know anything at all, that thing must have enduring properties. If all things flow, and one can never ...
On Trust and Transparency in Detection
This blog / mini-paper is written jointly with Oliver Rochford. When we detect threats we expect to know what we are detecting. Sounds painfully obvious, right? But it is very clear to us ...
On Detection: Tactical to Functional
Jared Atkinson | access-token-manipulation, Detection, detection-engineering, Infosec, MITRE ATTACK
Part 3: Expanding the Function Call Graph. Introduction: In the previous post in this series, I introduced the concept of operations and demonstrated how each operation has a function call graph that undergirds it. In ...
Endpoint Detection Compared
SE Labs Team | 2022, blackberry, broadcom, CrowdStrike, Cybersecurity, Detection, EDR, enterprise, Enterprise Advanced Security, How We Test, kaspersky, security testing, test results, Threat Intelligence
We compare endpoint security products directly using real, major threats. Welcome to the first edition of the Enterprise Advanced Security test that compares different endpoint security products directly. We look at how ...
Hang Fire: Challenging our Mental Model of Initial Access
For as long as I’ve been working in security, initial access has generally looked the same. While there are high degrees of variation within each technique (i.e., payloads, pretexts, delivery mechanisms, obfuscations) ...
20 Years of SIEM Webinar Q&A
I recently did this fun SANS webinar titled “Anton Chuvakin Discusses “20 Years of SIEM — What’s Next?”” (the seemingly self-centered title was suggested by CardinalOps who organized the webinar). As it is common ...
3 Ways to Improve Your Ability to Recover From Ransomware
‘It is not a matter of if, but a matter of when’ is becoming a familiar refrain whenever anyone discusses a ransomware attack. Regardless of the size or industry of the company; ...
Google Cloud Security Talks Set to Tackle Improving Your Threat Detection and Response
Dan Kaplan | Detection, Google Security Talks, Product Updates & Tips, Response, security operations, SOAR, Threat Hunting, Threat Intelligence
As if your detection and response efforts needed any more reminding, the tenuous state of geopolitics has left many security... The post Google Cloud Security Talks Set to Tackle Improving Your Threat ...