Building a better detection ecosystem

The Threat Research/Threat Hunting/Detection Engineering Ecosystem: In the past couple of months, there have been numerous discussions on social media forums about how threat hunting methodologies overlap with detection engineering. Kostas (@Kostastsale), who’s a member of TheDFIRReport, recently wrote an excellent blog post on detection engineering vs. threat hunting. ... Read More

Defending in a hostile environment: Key findings from the BlackHat NOC

Key points: The Black Hat network is more unique and complex than a standard enterprise network due to the number and diversity of devices connected, the abundance of trainings and labs that occur, and the rapid nature of the engagement itself. Over the course of the conference, our IronDefense NDR ... Read More

Robin Banks might be robbing your bank

Key points from our research: Robin Banks is a phishing-as-a-service (PhaaS) platform, first seen in March 2022, selling ready-made phishing kits to cyber criminals aiming to gain access to the financial information of individuals residing in the U.S., as well as the U.K., Canada, and Australia. In mid-June, IronNet researchers ... Read More

IronNet security notifications related to Log4j vulnerability

IronNet product/engineering efforts in response to log4j vulnerability:  IronNet is aware of unpatched/vulnerable instances of log4j in our code and that of third-party vendors used within our code. At this time, we only can speculate as to the “exploitability” therein. Always keeping our customers’ best interests in mind and erring ... Read More

Detecting ransomware: three research-based recommendations

It seems like new ransomware incidents are now almost a daily occurrence. Victims large and small represent a variety of sectors, including health and education providers, critical services, corporate enterprises, and government entities. And for every compromise involving ransomware that makes its way to the public, there are likely many ... Read More