Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

4 Differences Between Threat Hunting vs. Threat Detection

Increasingly, companies are becoming aware of the importance of building threat detection and hunting capabilities that avoid putting their businesses at risk. Now more than ever, when it comes to both protecting enterprise cybersecurity and delivering effective IT security solutions and services, organizations and MSPs can no longer simply act when cyberattacks occur, but long before they even pose a threat.

Catching SSH and RDP attacks without decryption

With the rise in distributed workforces both SSH and RDP connections have proliferated as remote employees connect to sensitive internal environments and machines to do their job. Unfortunately, these remote-friendly protocols are also prime attack targets and once compromised give adversaries a clear path to move laterally, deploy ransomware, and more.

Detect Everything: Bring Google Scale NDR to your Security Operations

Many organizations find that today’s security tools are not built for petabyte scale, long-term telemetry retention and are often cost prohibitive. Ingestion based pricing forces customers to limit what data is collected and retained, resulting in both more false positives and missed valid threats. Learn how enterprises can leverage all of their high-fidelity network data to gain a comprehensive, accurate and real-time understanding of your environment at any scale, on-prem or in the cloud.

Operationalizing network evidence for meaningful outcomes

Organizations are experiencing an increase in both threat volumes and complexity, leaving corporate security teams with the ongoing challenge of balancing workloads across a broader attack surface. IT and security teams struggle to identify all their endpoints and are often unable to install Endpoint Detection and Response (EDR) software on every known endpoint device, leaving security gaps that increase business risk. Network visibility is crucial for multi-layer defense and provides critical data to fill endpoint visibility gaps.

Detection and response for the actively exploited ProxyShell vulnerabilities

On August 21, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released an urgent notice related to the exploitation of ProxyShell vulnerabilities ( CVE-2021-31207 , CVE-2021-34473 , CVE-2021-34523 ). By chaining these vulnerabilities together, threat actors are compromising unpatched Microsoft Exchange servers and gaining footholds into enterprise networks.

Tessian partners with Optiv Security as part of the company's move to a 100% channel model

Human Layer Security company Tessian today announces that it is moving to a 100% channel model, partnering with leading cybersecurity partners like Optiv Security to help enterprises secure the human layer and protect against threats caused by human error.

Cyber Defenders Defending Critical Infrastructure Interview with Aaron Cockerill

Nextgov interview with Aaron Cockerill for a conversation shaped by today’s topics of critical infrastructure and cybersecurity threats. Discussing everything from phishing attacks to hybrid-remote work best practices, this interview offers insight into how Lookout can help both public and private organizations address digital threat prevention, providing relevant context to the cybersecurity world going forward.

SANSFire: An Alert Has Fired. Now what?

While the security industry spends a lot of time and energy getting more and/or better alerts, comparatively little investment has gone into helping analysts operationalize and contextualize those alerts. This webcast will discuss how a solid foundation of network telemetry can enable not only high-velocity, high-confidence processing of alerts of all stripes, but also a host of other critical security applications, from fundamentals like asset management to advanced techniques like proactive threat hunting. Real-world examples and code will be used throughout the talk, along with practical considerations for operating in an enterprise environment.