IOC
Building an Alert System Using Snowflake
During my time here at Silverfort, I was tasked with building an alert system to send messages from our Snowflake database directly to a Slack channel. Easy enough, I thought to myself ...
Superior Integrity Monitoring: Getting Beyond Checkbox FIM
If File Integrity Monitoring (FIM) were easy, everyone would be doing it. Actually, it is pretty easy. It’s not exactly rocket science. Practically anyone with a modicum of Python, Perl or development skills can ...
Securing the Financial Sector Now and Into the Future with XDR
Figuring out if your organization is under attack is typically a time-consuming, labor-intensive affair. Analysts must gather data across multiple security tools and perform careful analysis, a process that can take hours, ...
Getting the most out of your NIDS
By Jon Natkins, Product Manager, Corelight. Network Intrusion Detection Systems (NIDS) are widely deployed by the most sophisticated blue teams in the world. For well-funded organizations, there is little question about the ...
Robust Indicators of Compromise for SUNBURST
There has been a great deal of confusion regarding what network based Indicators of Compromise (IOC) SolarWinds Orion customers can use to self assess whether or not they have been targeted after ...
One Step Beyond: Using Threat Hunting to Anticipate the Unknown
Article by Paul German, CEO, Certes Networks. A cyber threat could be lurking in any corner of an organisation’s infrastructure. The complex networks encompassing numerous smart and interconnected technologies make it easy for ...
Behavioral analysis versus artifacts/IOC’s
Much of our defensive architecture today is based on the ability to extract indicators of compromise from logs, packet data and flow data and the monitoring of processes on the system. While ...
Oh, BTW, The Russians Cyberattacked the U.S. Critical Infrastructure
While we have been distracted by the dalliances of an errant president, the exfiltration from Facebook of personal information belonging to a gazillion users, and the use of those data to influence ...
Toolsmith Release Advisory: Malware Information Sharing Platform (MISP) 2.4.52
7 OCT 2016 saw the release of MISP 2.4.52. MISP, Malware Information Sharing Platform and Threat Sharing, is free and open source software to aid in sharing of threat and cyber security indicators. An ...