BFFs: UEBA Threat Detection and Post Infection Prevention

Posted by Eran Cohen on Aug 26, 2016 10:26:19 AM

I believe detection and prevention are the most chewed-over words in the security market. In the last 20 years, I have seen the term virus evolve to worm and horse (trojan). Then it left the living creature world and moved to the “Bond” world by becoming spyware, malware, ransomware and even getting recognized by names, such as Zeus, Cryptolocker and more.

And yet the basic terms of detection and prevention have remained steady. No matter the triggers, no matter the technology or the company. Sometimes you’ll hear detection and prevention used together and sometimes separately depending on the solution’s capabilities. What changes with these terms lies underneath as the threats to organizations continue to proliferate.

Topics: User Behavior, Behavioral Firewall, User and Entity Behavior Analytics

Taming ProjectSauron’s Evil Eye From Compromising Domain Controllers

Posted by Avi Kama on Aug 18, 2016 10:58:46 AM

In the past few days we all learned of the latest advanced cyber espionage spyware, ProjectSauron. An in-depth analysis published by Kaspersky Lab found it to be one of the most advanced pieces of cyber-warfare malware ever made. The malware was named ProjectSauron after a reference to the evil dark lord of Lord of the Rings was found embedded in the code.

Topics: APT, ProjectSauron, User and Entity Behavior Analytics, Domain Controller

Could Sage Have Acted More Sagely Before The Insider Breach?

Posted by Heather Howland on Aug 16, 2016 9:00:00 AM

This weekend, Sage Group sent out a warning to its customers about a data breach. According to the BBC, the breach exposed the personal details of employees at close to 300 companies in the UK and Ireland.

Topics: Insider Threats, User and Entity Behavior Analytics, Credential Compromise

Five Common Misconceptions in Enterprise Security Organizations - Part Two

Posted by Eyal Karni on Aug 3, 2016 8:00:00 AM

In my previous blog post (part 1), I talked about common misconceptions in Enterprise security organizations as they relate to IT security skills challenges along with the disadvantages of counting on log-based solutions for stopping advanced attacks. This week I’d like to focus on three other common misconceptions in IT security organizations. I’ll be talking about why bigger isn’t necessarily better, why User and Entity Behavior Analytics on its own is not enough and why “zero configuration” solutions will let you down.

Topics: User Behavior, APT, User and Entity Behavior Analytics