Threat Hunting February 2, 2023

How Do Threat Hunters Keep Organizations Safe?

3 min read - Neil Wyler started his job amid an ongoing cyberattack. As a threat hunter, he helped his client discover that millions of records had been stolen over four months. Even though his client used sophisticated tools, its threat-hunting technology did not…

Incident Response January 27, 2023

5 Golden Rules of Threat Hunting

6 min read - When a breach is uncovered, the operational cadence includes threat detection, quarantine and termination. While all stages can occur within the first hour of discovery, in some cases, that’s already too late. Security operations center (SOC) teams monitor and hunt…

Endpoint January 5, 2023

3 Reasons to Make EDR Part of Your Incident Response Plan

3 min read - As threat actors grow in number, the frequency of attacks witnessed globally will continue to rise exponentially. The numerous cases headlining the news today demonstrate that no organization is immune from the risks of a breach. What is an Incident…

Endpoint October 17, 2022

3 Ways EDR Can Stop Ransomware Attacks

3 min read - Ransomware attacks are on the rise. While these activities are low-risk and high-reward for criminal groups, their consequences can devastate their target organizations. According to the 2022 Cost of a Data Breach report, the average cost of a ransomware attack…

Advanced Threats August 2, 2022

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

4 min read - You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why…

Threat Hunting July 15, 2022

What Cybersecurity Teams Can Learn From the US Cyber Command’s ‘Hunt Forward’

4 min read - After decades of playing defense, the United States government went on the offense in the past few years against global state-sponsored cyber attackers. U.S. Cyber Command conducted “hunt forward” operations recently in 16 countries, including in Ukraine, as part of…

Security Services January 13, 2022

The Best Threat Hunters Are Human

4 min read - “You won’t know you have a problem unless you go and look.” Neil Wyler, who is known as ‘Grifter’ in the hacker community, made that statement as a precursor to an unforgettable story. An organization hired Grifter to perform active…

Incident Response December 18, 2021

Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them

4 min read - You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no exception, yet the exact exposure the vulnerability poses to OT…

Zero Trust May 10, 2021

The Future of Threat Hunting and Zero Trust: 8 Innovations to Watch at RSA

2 min read - Today’s top innovations are on the schedule for RSA Conference 2021. While you’re attending the virtual conference, what should be on the top of your list? Here are eight trends shaping our industry that’ll be getting some airtime, from artificial…

Application Security October 5, 2020

Web Application Security Best Practices: A Developer’s Guide

6 min read - Digital adoption is only increasing in today’s world. It brings with it the challenges of safeguarding financial and personal data against potential threat actors. Including web application security best practices during application development can patch some of these holes and…