Reducing Investigation Time: How to Quickly Parse True Positives

Posted by Eran Cohen on Aug 20, 2019 10:45:00 AM

In the world of security operations, quickly and accurately investigating security incidents is paramount. As a result, filtering out the non-consequential incidents from the consequential incidents helps reduce the investigative time for the security ops team.

Non-malicious True Positives pose the most headaches for SOC teams because they waste valuable time that could have been better spent investigating a malicious True Positive or even worse: a False Negative. However, it’s a highly manual process to parse non-malicious True Positives from the malicious. The process demands a significant amount of time, resources, and expertise from an already busy, overworked Security Ops team whose time is better used for consequential, high-impact tasks and projects.

Read More

Topics: Threat Mitigation, User Behavior, Adaptive Response, Identity Verification, Incident Response, Insider Threat, Adaptive Threat Prevention, Conditional Access

What's New in 3.1? New Dashboard, Exciting Integrations, and A Free Product!

Posted by Monnia Deng on Aug 7, 2019 10:50:42 AM

Preempt is happy to release version 3.1, available today! Included in the release are a brand new security assessment dashboard, exciting features offering more visibility and better password and network security, new technology partners and product integrations, and a free lightweight tool. Let’s delve into what you can expect with this release.

Read More

Topics: Adaptive Response, Threat Detection, continous monitoring, Adaptive Threat Prevention, Integration, Conditional Access, Security Efficiency, Ping

Empowering Employees to Reduce Security Incidents

Posted by Eran Cohen on Jul 2, 2019 11:15:00 AM

In the hustle and bustle of our modern world, we can all get easily lost in the noise. One kind of noise is most frustrating for security teams: the noise of security incidents. With more and more data feeds into your security analytics products, it seems like we are creating more problems for ourselves with the all of the alerts and not enough manpower. 

Read More

Topics: Adaptive Response, Multi-factor Authentication, Identity Verification, Credential Compromise, ueba, Incident Response, Threat Detection, Insider Threat, Conditional Access

Detection Only Solutions Aren't Enough For Today's Security Teams

Posted by Heather Howland on Apr 27, 2018 4:28:00 AM

Last week I had the opportunity to speak with several CISOs about what they are doing to deal with cyberattacks, breaches and internal threats. A consistent theme I heard is that detection only solutions aren't enough. They need more practical approaches to rapidly respond to anomalous behavior and they need to reduce burden on analysts. Working smarter not harder. This is one of the great benefits of real-time threat prevention based on identity, behavior and risk. It can removes work from analyst via adaptive response and automated resolution of false positives. One customer recently told me that within just a couple months, automated response has helped them improve their efficiency by 30-40%. That’s a lot of time that can focused on more critical security tasks.

Read More

Topics: Adaptive Response, User and Entity Behavior Analytics, Incident Response, Threat Detection

How to Stay Out of the Security Shelfware Trap

Posted by Wade Williamson on Apr 11, 2018 11:45:03 AM

The RSA Conference is just around the corner, and with it, one of the true spectacles of the security industry. If you visit the show floor of exhibitors you will find a seemingly endless sea of security vendors and products stretching in all directions, each one promising to be the critical missing piece to save you from the next attack. It can be exciting, quasi-educational, and more than a little mind numbing all at once.

Read More

Topics: Adaptive Response, Incident Response, Threat Detection, Informaton Security

Simplifying PCI DSS 3.2 Compliance with Preempt

Posted by Heather Howland on Feb 9, 2018 1:21:56 PM

If your organization handles credit cards, you are no doubt familiar with  Payment Card Industry Data Security Standard (PCI DSS) compliance. PCI DSS is a set of requirements and procedures that have been established in order to strengthen security of cardholder transactions and data in order to reduce fraud. PCI DSS controls have been implemented for many years but as hackers have advanced their efforts, new requirements continue to emerge with updates to existing controls and reporting.

Read More

Topics: User Behavior, Adaptive Response, Identity Verification, Passwords, Compliance, PCI

Fixing Account Lockouts With Adaptive Policies

Posted by Wade Williamson on Jan 4, 2018 7:21:22 AM

Dealing with account lockouts is one of the unhappy facts of life for many IT teams. And while  resolving lockouts isn’t particularly difficult, it is the sheer volume of incidents that often weighs down IT teams. In fact a recent survey found that ⅓ of IT and Support tickets are tied to password resets and account lockouts.

Read More

Topics: Adaptive Response, Passwords, Compliance

How Identity, Behavior & Risk Enable Security in the New Digital Age

Posted by Ajit Sancheti on Dec 7, 2017 6:07:51 AM

Enterprises are deploying more cloud services, embracing DevOps, leveraging on-premises applications and exploring other productivity and cost optimization solutions. As a result, it is becoming harder for them to know who within the organization has access to what and how that access is being used or, as we found out in our latest survey, being misused.

Read More

Topics: User Behavior, Adaptive Response, Risk, CARTA, Identity

Evolving Employee Security Measures from “Weak Link” to “Front Line Defense”

Posted by Ajit Sancheti on Dec 1, 2017 8:09:38 AM

It's easy to think that attackers have gained an unfair advantage over security professionals. The network perimeter has virtually dissolved, compelling enterprises to simultaneously work to keep the bad guys out while tackling multiple insider threats – naïve employees, malicious insiders, careless third parties, and undetected malware or intruders that have already breached network defenses.

The challenge for security teams today? Legitimate users and activities should not be impeded, but determining what activity to block and what to allow is not always easy.

Read More

Topics: User Behavior, Adaptive Response, Insider Threats, Credential Compromise, Informaton Security

Stopping Breaches Requires Asking the Right Questions

Posted by Wade Williamson on Oct 26, 2017 4:07:21 PM

In a very short period of time, machine learning (ML) has had a major impact on the field of cybersecurity. Machine learning has proven to be adept at finding threats in ways that traditional signatures never could, whether detecting malware, finding vulnerabilities, or recognizing when a trusted employee has been compromised by an attacker.

Read More

Topics: Adaptive Response, Multi-factor Authentication