Defending Against Credential Compromise (VIDEO)

Posted by Heather Howland on Sep 29, 2017 4:08:12 PM

Credential Compromise has been a leading attack vector for the last five years. There are a variety of ways that attackers can do this. It could be by guessing passwords, phishing emails, spyware,  or even pulling credentials out of memory. To detect and more proactively defend against credential compromise, organizations need to have visibility into identity, behavior and risk as well as the ability to automatically respond or take action when signs of compromise have been detected.

Read More

Topics: Adaptive Response, password brute force, Credential Compromise, Passwords

Getting to the Root of Security Alert Fatigue

Posted by Wade Williamson on Jul 27, 2017 1:06:27 PM

Something is very wrong in the security industry and “security alert fatigue” is one of the most obvious symptoms. Most enterprises generate far more security alerts than their security staff can analyze. Typically it’s not even close. The problem extends to all industries, but a recent survey of banking security leaders brought the issue into sharp focus.  The study found that 61% of the organizations generate at least 100,000 events per day. 37% of organizations generated more than 200,000 events per day. That is simply too many events to process even for the largest of security teams. This shouldn’t be the norm, but virtually anyone who works in security can attest that it is. So let’s take a looks at why this is happening and what we can do to fix it. 

Read More

Topics: Adaptive Response, Incident Response

How to Stop NotPetya and Similar Ransomware from Spreading in the Network

Posted by Yaron Zinar on Jul 5, 2017 2:06:01 PM

NotPetya, a recent malware, masquerading as the known Petya ransomware started wreaking havoc at a world scale last week. Initially, it looked like another wave in the malware storm that started with Shadow Brokers’ publication of EternalBlue and other zero-day vulnerabilities in Windows OS. And, in fact, NotPetya used EternalBlue as one of the lateral movement methods in its arsenal. But, apparently, the developers of NotPetya wanted to hit some high-value targets and the risk that these networks had already been fully patched would have ruined their attack.

Read More

Topics: Adaptive Response, Credential Compromise, ueba, Ransomware

CARTA - The Evolution of IT Security Beyond Black and White

Posted by Ajit Sancheti on Jun 16, 2017 10:04:54 AM

Gartner’s 2017 Security Summit began this week with a keynote from Neil MacDonald, Eric Ahlm and Ramon Krikken introducing a new charter that will transform all areas of information security moving forward. They introduced a new strategic approach called CARTA* – Continuous Adaptive Risk and Trust Assessment.

Read More

Topics: CISO, Adaptive Response, Risk, CARTA