Eran Cohen

Eran Cohen is Director of Product Management at Preempt.
Find me on:

Recent Posts

Shopping for a Cyber Security Product? 7 Tips to Help You Get What You Need.

Posted by Eran Cohen on Aug 13, 2018 12:56:59 PM

It’s increasingly difficult and more complex to be an effective buyer of security products today. Messaging and content overlaps are everywhere, cloud platforms claim to do what endpoint solutions do, and all the while products are constantly pivoting in the middle of operation - often changing their identity and main purpose. At the same time, enterprise and personal priorities change, vendor awards are presented to whoever pays more, analysts are not always aligned, and the list goes on.

Read More

How to Use Identity, Behavior and Risk to Prevent Compromised Credentials

Posted by Eran Cohen on Jan 25, 2018 10:00:00 AM

Identity, Behavior and Risk. Identity, Behavior and Risk. Almost like a mantra. Think about it for few seconds. Identity, Behavior and Risk are the 3 main pieces of evidence that security personnel would like to deeply understand so they can protect their organization and users from credential compromise

Read More

Getting the Most out of a Security Product POC

Posted by Eran Cohen on Jan 21, 2018 3:00:00 PM

Vendors, especially in the over crowded security space, often must help buyers justify their investment. But what happens when there isn’t a real problem during the test period? This can make it difficult to properly assess. Some security vendors will simulate problems, others may sponsor penetration tests, or they may provide a list of tests and tools, and so on. In the highly competitive End Point market (aka AntiVirus) they will use any tool they may have in the box.

Read More

Topics: CISO, POC

Reduce Harm by Refocusing on the Basics

Posted by Eran Cohen on Aug 11, 2017 10:22:02 AM

Full disclosure: I wasn’t physically at BlackHat 2017. But my colleagues who attended told me about the keynote by Alex Stamos, CSO at Facebook.

Read More

Topics: CISO, Risk, Passwords, Identity, Informaton Security

QakBot, Stop Playing with my Active Directory!

Posted by Eran Cohen on Jun 23, 2017 9:39:32 AM

Really, it’s not just me saying that Active Directory is the crown jewel. It's actually them, the hackers, that de facto target the active directory in almost every advanced attack. They look for domain credentials and administrative accounts, they practice domain reconnaissance, privilege elevation, targeted attacks against the domain controller and more. Their motivation is similar to terror. For example: produce widespread fear, obtain recognition and attention of media, steal money, damage facilities and functionalities. This is why it was not surprising to learn about the QakBot Trojan causing a mess. 

Read More

Topics: Active Directory, Credential Compromise, Passwords, Hacking

The Insider Threat Denial Syndrome

Posted by Eran Cohen on May 18, 2017 12:01:22 PM

I believe there is a “denial syndrome” that exists in cyber security. I’m not referring to the “It won’t happen to me” concept, I’m pointing to a deeper and more dangerous belief. In psychology, denial happens when we are uncomfortable with the facts of reality and instead of dealing with it we reject it, insisting it is not correct.

Read More

Topics: User Risk, Insider Threat

How Security Operations Can Safely Stop Investigating Benign True Positives

Posted by Eran Cohen on Apr 20, 2017 8:45:19 AM

True Positives. It’s a topic of great interest to me. Security Operations can spend a lot of time dealing with separating out the truly non-malicious events. There is an easier way. But, before we go further, let’s align and calibrate on the terminology of True/False Positives/Negatives. Some of these terms have varying levels of agreement. It reminds me of VLAN-- you can have 5 people in the room and there will be 6 different definitions for it. To make sure we are on the same page, let's start with basic definitions accompanied with real life examples. 

Read More

Topics: Security Skills, User and Entity Behavior Analytics, ueba, Incident Response

35% of Users Have Weak Passwords; the Other 65% can be Cracked

Posted by Eran Cohen on Mar 13, 2017 5:00:00 AM

Password leaks from public breaches help us learn how people think, allow us  to identify patterns and build dictionaries of passwords. As password cracking methods evolve, Upper characters, Lower characters, Special characters and Digits (ULSD) recommendations and password complexity mean less.

Read More

Topics: CISO, Credential Compromise, Passwords

IT Security’s 8th Sense - How Big Data and Human Behavior Provide an Edge

Posted by Eran Cohen on Mar 9, 2017 7:45:00 AM

Big Data is a revolution that in my opinion is equivalent to other epiphany moments such as when humanity (i.e. Galileo) identified that the sun isn’t moving. It's our planet that moves around it.  Science and discovery have changed the way people perceive the world.

Read More

Topics: User Behavior, big data

Analyzing User Behavior is the Beginning. How It's Applied is What Really Matters.

Posted by Eran Cohen on Mar 3, 2017 2:59:40 PM

Think about this statement: “Half of the people you know are below average.” In simple terms, it means that statistically most of the people you know are considered to have average intelligence, or just below or above the line. Does this mean they are dangerous? Does it mean you should reconsider your friendship? Let’s not jump to conclusions just yet.

Read More

Topics: CISO, Behavioral Firewall, User and Entity Behavior Analytics, Use Case, ueba