July 2, 2024
Navigating Insider Threat Solutions: The Case for a Unified Insider Threat Platform
Insider Threat
Insider threats pose a significant and growing risk to organizations, requiring strong solutions to detect, investigate, build cases and respond to such risks. Standalone solutions like User and Entity Behavior Analytics (UEBA), Privileged Access…
June 17, 2024
Federated Search Tools: Query All Data and Save Costs
SOC Security Analytics
SOC teams face increasing data challenges as sources diversify and volumes grow. However, this abundance can be leveraged for greater insights and risk understanding with the right tools. Federated search and advanced federated search tools simplify complex…
June 10, 2024
Lockkey Golang Ransomware
Threat Research
Lockkey is a ransomware variant written in the Go programming language, making it potentially more cross-platform and resilient than ransomware traditionally written in languages like C++. While the specifics of its technical mechanisms are unavailable due to the restricted…
May 24, 2024
Leprechaun – A New Malware Loader
Threat Research
Introduction The Leprechaun malware loader is a nascent threat that has emerged as a potential replacement for the IcedID malware. Leprechaun is a sophisticated malware loader with capabilities that make it a serious threat. In the current landscape, a novel malware…
May 23, 2024
Overcoming SOC Challenges in Multi-Cloud and Hybrid Cloud Scenarios
SOC Security Analytics
Multi-cloud and hybrid cloud architectures have become increasingly prevalent among enterprises. This approach involves distributing infrastructure across multiple cloud service providers, such as Azure and AWS, to enhance redundancy and mitigate the risk of downtime. While leveraging…
May 23, 2024
Gurucul Continues to Innovate and be Furthest to the Right in the 2024 Gartner Magic Quadrant for SIEM
SOC Security Analytics
As the majority of the SIEM industry becomes stagnant, we believe the report validates that Gurucul continues to go beyond other vendors to continuously deliver innovations. Gurucul meets the evolving requirements of customers by combating threat actors…
May 16, 2024
SIEM Market Consolidation: What Does This Mean for Customers?
SOC Security Analytics
Unpacking the SIEM Merger Shuffle There is a lot of upheaval in the SIEM market. Exabeam and LogRhythm announced merger plans on the same day that Palo Alto said they’re buying IBM’s legacy QRadar product. Of…
May 8, 2024
Insider Threat Detection Tools Requirements
Insider Threat
What is Insider Threat Detection? Insider threat detection is a critical cybersecurity process that focuses on identifying and mitigating risks posed by individuals within an organization who have authorized access to its systems and data. This…
May 7, 2024
Bellingcat Malware Investigation
Threat Research
Introduction Bellingcat, known for its investigative journalism, recently became the target of a sophisticated cyber attack. The analysis revolves around an email campaign that aimed to compromise Bellingcat’s systems. Here are the key details: Attack Vector: The attackers used an…
April 1, 2024
10 Questions to Ask SIEM Providers
SOC Security Analytics
Question 1. How Does Your SIEM Solution Handle Data Aggregation and Correlation? Question 2. Can Your SIEM Solution Integrate with Existing Security Infrastructure? Question 3. What Advanced…
March 23, 2024
Royal Ransomware
Threat Research
Executive Summary 1. Origins and Activity: The Royal ransomware made its debut in 2022, swiftly establishing itself as a significant menace in the cybersecurity landscape. During its reign, Royal has targeted both U.S. and international organizations, infiltrating their networks with malicious…
March 20, 2024
APT28’s OCEANMAP Backdoor
Threat Research
OCEANMAP: This sophisticated backdoor, attributed to the notorious Russian cyber espionage group APT28 (also known as Sofacy or Fancy Bear), was initially identified by CERT-UA. Let’s break it down. Key Features: On December 28, 2023, CERT-UA reported a cyber attack attributed…