Investigating Threat Alerts with Osquery: Understanding Threat Surface & Risk
The Uptycs Threat Intelligence team is responsible for providing a high-quality, curated, and current threat intelligence feed to the Uptycs product. To deliver that feed, the team evaluates every alert seen by our customers and investigates it as feedback into the threat ...
What Is Cyber Threat Hunting? [2019]
Threats to cyber security have been around for decades, but the sophistication and motivations of attackers have evolved. In the early days, attackers carried out relatively simple, low-impact attacks to show off their programming abilities; now, sophisticated cybercriminals (sometimes sponsored by governments and companies) launch serious attacks ...
Why Real Time Threat Intelligence Isn’t Enough
Detecting security threats is difficult work, now more than ever. Threat intelligence tools are playing catch-up with increasingly sophisticated attack vectors, including polymorphic malware, quick-turn domains and other turn-on-a-dime tactics ...
Threat Hunting with Osquery: 5 macOS Malware Techniques & How to Find Them
A previous blog post explored ways to use osquery for macOS malware analysis. Using the same methodology introduced there, we analyzed five additional macOS malware variants and recorded their behavior to understand the techniques they used. Below, you'll find the techniques used by Calisto, Dummy, HiddenLotus, LamePyre and WireLurker. ...