Threat Detection


Securing AWS Management Configurations By Combating 6 Common Threats

There’s a common misconception that cloud providers handle security, a relic leftover from hosting providers of previous decades. The truth is, cloud providers use a shared responsibility model, leaving a lot of security up to the customer. Stories of AWS compromise are widespread, with attackers often costing organizations many thousands of dollars in damages.


How Threat Intelligence Could Have Helped Prevent 2020's Cybersecurity Incidents

If anyone has benefitted from the pandemic, it has been cyber attackers. As businesses expanded their investment in cloud resources and other IT resources in response to the pandemic, cyberattacks also dramatically increased. Businesses reported 445 million cyberattack incidents in 2020, double the rate for 2019. It didn’t have to be this way. With stronger threat intelligence solutions in place, many of the security incidents of 2020 could likely have been averted.


Unified threat detection for AWS cloud and containers

Implementing effective threat detection for AWS requires visibility into all of your cloud services and containers. An application is composed of a number of elements: hosts, virtual machines, containers, clusters, stored information, and input/output data streams. When you add configuration and user management to the mix, it’s clear that there is a lot to secure!


Detecting Cobalt Strike with memory signatures

At Elastic Security, we approach the challenge of threat detection with various methods. Traditionally, we have focused on machine learning models and behaviors. These two methods are powerful because they can detect never-before-seen malware. Historically, we’ve felt that signatures are too easily evaded, but we also recognize that ease of evasion is only one of many factors to consider.


Extended threat detection and response (XDR): Filling out cybersecurity gaps

Image source Business technology generally advances on a rapid basis, however, so do the cyberthreats that can endanger your security. According to BusinessWire, more than half of enterprises believe that their security cannot keep up, and according to IBM News Room, more than half of organizations with cybersecurity incident response plans fail to test them.


Host-based Intrusion Detection System - Overview and HIDS vs NIDS

Although a business appears to make every effort to protect its assets, there is still no security guarantee. Hackers being fully aware of this uncertainty, tend to take complete advantage by tricking users or bypassing restrictions of the technology products in use, allowing them to acquire complete access. Such perils have given rise to the necessity of having a proactive approach towards cyber security to identify, prepare and respond to events.

How The Dark Web Continues to Threaten Businesses

The Internet is a massive space. Seven days a week, millions of web sites, files, and servers run 24 hours a day. Even so, it is just the tip of the iceberg that we surf and the visible websites that can be accessed using search engines such as Google and Yahoo. The Deep Web, which makes up approximately 90 percent of all websites, is underneath the ground. This hidden network is so massive that it is difficult to figure out at any given time how many pages or sites are currently involved.

Bullet-Proofing Serverless Infrastructures with Failure and Threat Detection

When building cloud-based systems and serverless systems, in particular, it’s crucial to stay on top of things. Your infrastructure will be miles away from you and not a device you hold in your hands like when you build a frontend. That’s why adding a monitoring solution to your stack, which offers a pre-configured serverless failure detection, should be one of the first decisions.

Cyber Security in 2021: Confident Detection and Response

As the volume and sophistication of cyber threats grow, it’s imperative that companies have the ability to rapidly detect and confidently respond to a variety of threats. Devon Ackerman, Head of Incident Response for Kroll’s Cyber Risk practice in North America shares how security leaders feel their organizations are inadequately resourced to run a mature detection and response program.