Secure access service edge (SASE – pronounced “sassy”) is a modern architectural framework that combines network security and wide area networking (WAN) capabilities into a unified cloud-based service. It is designed to provide secure and optimized access to network resources for users, regardless of their location or the devices they use. Secure access service edge […]
Read more
Millions of cybersecurity events occur every day, and as time and technology continue to progress, the means of these cyber attacks become more sophisticated and immensely more difficult to detect. Statistically speaking, if you are a business owner who stores and manages sensitive data, it is not a matter of if but when someone will […]
Read more
Once a threat actor gains access to a network or tricks a user into downloading a malicious attachment. The next step is to download their payload, this could be a toolset or malware. Code obfuscation has become an important step for threat actors to accomplish this task. Whether it is a webshell, or a utility […]
Read more
Security operations (SecOps) teams are battling a complex and ever-evolving challenge: Keeping an organization secure against cyberattacks from faceless, remote users in a technologically advanced world. With the rise of threats, new technologies, and increasingly sophisticated scams, staying ahead of the bad guys is more important than ever. That’s where security orchestration, automation, and response […]
Read more
This week, NetWitness proudly joins BlackHat in the Network Operations Center (NOC) at the BlackHat ASIA event, continuing our long-standing collaboration. As always, we’re here to provide top-notch SIEM, NDR, and SOAR services, standing shoulder to shoulder with our seasoned global threat-hunting team, which comprises Sales Engineering and Incident Response.
Read more
If your business uses cloud technology for day-to-day operations — or is looking to start — our NetWitness Cloud SIEM will ensure that you can operate safely and securely!
Read more
The mission of the U.S. Marshals Service (USMS) is “to enforce federal laws and provide support to virtually all elements of the federal justice system” through multiple disciplines. Its law enforcement (LE) focus, reach and scope make this week’s report of a recent cyberattack involving both ransomware and data exfiltration especially concerning. While this […]
Read more
The takedown of the Hive ransomware-as-a-service group has been in the news over the past week, and it’s good news indeed. Beyond the obvious benefits of disrupting this criminal enterprise, there are some other discrete takeaways which are particularly important to note. Cross-jurisdictional cooperation and coordination can be done, and done effectively. Any of […]
Read more
Introduction Many years ago, I spoke at a @suitsandspooks panel in Washington, D.C. with some of the cybersecurity industry’s best and brightest minds. One of the topics addressed was the concept of active defense strategy in the commercial (private sector) world versus the public world. In those days the idea of ‘hacking back’ against a […]
Read more
UPDATED March 25, 2022: The Biden Administration released a statement on March 21 urging companies to strengthen their cybersecurity capabilities and protections in the face of potentially damaging cyber activity perpetrated by threat actors as part of the ongoing conflict. The Administration also urged organizations to execute a number of best practices for bolstering cyber […]
Read more
