%term

Network Forensics & Incident Response with Open Source Tools

Aug 26, 2022 By Corelight In Corelight

Open source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, and the global communities behind these tools can also serve as a force multiplier for security teams, such as accelerating their response times to zero-day exploits via community-driven detection engineering and intel sharing. This presentation will review popular open source technologies used in network DFIR and cover use cases, integrations, and open source design patterns.

View Video

Corelight

Read more about Network Forensics & Incident Response with Open Source Tools

MAC Spoofing Detection with Forescout

Aug 22, 2022 By Forescout In Forescout

Learn how to tackle a common problem known as “MAC Spoofing” faced by many security teams looking to control access to the network. In this video you will gain an understanding what MAC Spoofing is, why it's a problem, and how Forescout is uniquely positioned to help detect it. You will be able to differentiate between the two primary MAC Spoofing scenarios and the strategies used for detection and learn how to configure Forescout to detect both scenarios and test successfully.

View Video

Forescout

Read more about MAC Spoofing Detection with Forescout

Trustwave Security Colony Noted as a Differentiator in Managed Detection and Response Market According to IDC Link Report

Aug 16, 2022 By Trustwave In Trustwave

Trustwave’s new MDR offerings garnered recognition from IDC as differentiated due to the inclusion of Security Colony as part of the offering. Security Colony, now bundled in with Trustwave MDR offerings, is a Resource Library of 400+ documents derived directly from real-life consulting engagements with clients. The project deliverables have been anonymized and made available to clients.

Read Post

Trustwave

Read more about Trustwave Security Colony Noted as a Differentiator in Managed Detection and Response Market According to IDC Link Report

JUMPSEC Summer Industry Briefing Benchmarking EDR/MDR solutions

Aug 11, 2022 By JUMPSEC In JUMPSEC

Benchmarking EDR/MDR Solutions presented by Tom Ellson, Head of Offensive Security We recently completed a review of a number of industry-recognised EDR and MDR solutions. This led us to take a novel approach that addresses many of the limitations and constraints typically met when undertaking this type of assessment. You will learn why context is key to threat detection, and how the different vendors performed in our realistic and representative environment against goal-focused attack paths.

View Video

JUMPSEC

Read more about JUMPSEC Summer Industry Briefing Benchmarking EDR/MDR solutions

JUMPSEC Summer Industry Briefing Research and Development

Aug 11, 2022 By JUMPSEC In JUMPSEC

View Video

JUMPSEC

Read more about JUMPSEC Summer Industry Briefing Research and Development

JUMPSEC Summer Industry Briefing UK Threat Landscape Trends

Aug 11, 2022 By JUMPSEC In JUMPSEC

UK Threat Landscape Trends - Presented by John Fitzpatrick, CTO John Fitzpatrick reflects on the last six months, examining the key threats and trends we have observed affecting UK institutions. Specifically, we will delve into ransomware threat evolution, presenting and discussing. This will build upon our predictions made at the last briefing, reviewing how the landscape has changed, how our predictions fared, and how it has been influenced by major cyber security events and developments.

View Video

JUMPSEC

Read more about JUMPSEC Summer Industry Briefing UK Threat Landscape Trends

CrowdStrike Introduces Industry's First AI-Powered Indicators of Attack for CrowdStrike Falcon Platform to Uncover the Most Advanced Attacks

Aug 10, 2022 By CrowdStrike In CrowdStrike

Trained on the world's richest threat intelligence, new detection and response capabilities proactively protect organizations against emerging adversary techniques.

Read Post

CrowdStrike

Read more about CrowdStrike Introduces Industry's First AI-Powered Indicators of Attack for CrowdStrike Falcon Platform to Uncover the Most Advanced Attacks

Introducing AI-Powered Indicators of Attack: Predict and Stop Threats Faster Than Ever

Aug 10, 2022 By Joel Spurlock - Joe Faulhaber In CrowdStrike

CrowdStrike today unveiled the next evolution of CrowdStrike’s industry-first IOAs: artificial intelligence (AI)-powered IOAs.

Read Post

CrowdStrike

Read more about Introducing AI-Powered Indicators of Attack: Predict and Stop Threats Faster Than Ever

AV-TEST Results Show Netskope Threat Protection Efficacy

Aug 9, 2022 By Tom Clare In Netskope

We measure and test things that are important in our lives, from credit scores to blood pressure. For cybersecurity, testing threat protection defenses is an expected benchmark. Netskope recently completed a set of anti-malware tests with AV-TEST, an independent anti-malware testing lab based in Germany with one of the world’s largest databases of malware samples. Every second, AV-TEST discovers four to five new malware variants.

Read Post

Netskope

Read more about AV-TEST Results Show Netskope Threat Protection Efficacy

Detecting CVE-2022-30216: Windows Server Service Tampering

Aug 9, 2022 By Corelight Labs Team In Corelight

In July 2022, Microsoft disclosed a vulnerability in the Windows Server Service that allows an authenticated user to remotely access a local API call on a domain controller, which triggers an NTLM request. This results in a leak of credentials that allows an attacker to authenticate to Active Directory Certification Services (ADCS) and to generate a client certificate that enables remote code execution on a domain controller.

Read Post