Mr.Trunk · @mrtrunk
12 followers · 19554 posts · Server dromedary.seedoubleyou.me
AzureTracks · @azuretracks
0 followers · 24 posts · Server techhub.social

Tip: Regularly review and refine your analytics rules in Microsoft Sentinel to optimize detection accuracy and minimize false positives. Stay updated with the latest threat intelligence to enhance your rule sets.

#threatdetection #MicrosoftSentinel

Last updated 1 year ago

Beth Pariseau · @BPariseau
308 followers · 117 posts · Server hachyderm.io
Corelight · @corelight
87 followers · 26 posts · Server infosec.exchange

Attention, GISEC Global attendees! Swing by booth A50 in Hall 7 for cool swag and more 👕 🖊️ 🥤 @corelight and Spire Solutions experts will be on hand to share how security teams are expanding network visibility, accelerating , improving , and reducing costs with Open . Come learn how your team can do the same! Book a meeting ➡️ corelight.com/contact?hsCtaTra

More about the event: gisec.ae/

#incidentresponse #threatdetection #SecurityOperations #ndr #networksecurity #cybersecurity #dfir #threathunting

Last updated 2 years ago

Corelight · @corelight
87 followers · 25 posts · Server infosec.exchange

Come say hi to Corelight and Spire Solutions at booth A50 in Hall 7 during GISEC Global in Dubai next week! Our experts will be on hand to share how to expand network visibility, accelerate , improve , and reduce costs. Plus we'll have swag — you don't want to miss it! gisec.ae/

#incidentresponse #threatdetection #SecurityOperations #networksecurity #cybersecurity #dfir #threathunting

Last updated 2 years ago

Corelight · @corelight
84 followers · 20 posts · Server infosec.exchange

This week our own Ralf Schmitz will be presenting "Network Transparency with Open NDR" at CyberSec Munich, which will focus on why is critical to effective . If you plan on attending the event, swing by the exhibit hall to speak with our Corelight experts about the latest in acceleration and expansion.

To learn more about Corelight's Open NDR Platform, visit our website: corelight.com/products/open-nd

Find out more about CyberSec Munich here: epnlive.com/event/cybersecmuni

#networksecurity #cyberdefense #incidentresponse #threatdetection #cybersecurity #cloudsecurity #dfir

Last updated 2 years ago

Corelight · @corelight
84 followers · 20 posts · Server infosec.exchange

Join the (ISC)² Central Ohio Chapter for its monthly "drinking club with a problem" chapter meeting on March 6. Come have a beer, enjoy some snacks, and talk about the latest in 🍺🍿🍔 Reserve your spot today: eventbrite.com/e/isc2-central-

For the latest in and , check out our blog: corelight.com/blog

#security #cybersecurity #threatdetection #incidentresponse #networksecurity #ndr #secops #dfir

Last updated 2 years ago

Corelight · @corelight
84 followers · 18 posts · Server infosec.exchange

What exactly is Network Detection and Response ()? How is it different from Endpoint Detection and Response ()? And why is this technology more relevant for and than ever? Our own Jean Schaffer, a expert with more than 33 years with the United States Department of Defense , answered these questions and more in a recent mnemonic podcast with Robby James Peralta. Listen here 🎙️: mnemonic.buzzsprout.com/652378

@corelight

#ndr #edr #threatdetection #threathunting #cybersecurity #networksecurity

Last updated 2 years ago

Josh Lemon · @joshlemon
130 followers · 29 posts · Server infosec.exchange

Some of our brilliant team members, Amit Malik and Pratik Jeware from Uptycs, talking about and the ways to leverage for detection at Nullcon.

youtu.be/UjttDseKXaA

#threatintel #macos #malware #osquery #threatdetection #dfir

Last updated 2 years ago

John Harmon · @johnharmon
3 followers · 5 posts · Server infosec.exchange

Check out the latest research from @sbousseaden, a deep-dive into hunting for malicious DLLs for : go.es.io/3jMg8rL

#elasticsecuritylabs #threatdetection

Last updated 2 years ago

PunkLawyer · @punklawyer
143 followers · 1215 posts · Server mastodon.sdf.org

TRUCK SIZE ASTEROIDS LIKE THE ONE THAT JUST MISSED US AREN'T THAT DANGEROUS, BUT OLYMPIC POOL SIZED ASTEROIDS ARE, AND JUST AS HARD TO SEE

*asteroids 5-to-50 meters in diameter, that also includes those as big as an Olympic swimming pool. Objects that size are difficult to detect until they wander much closer to Earth, complicating any efforts to brace for one that could impact a populated area.*

's sudden flyby shows blind spot in planetary
reuters.com/lifestyle/asteroid

#asteroid #threatdetection

Last updated 2 years ago

Selena Larson · @selenalarson
1255 followers · 313 posts · Server mastodon.social
Samrose · @samrose
40 followers · 12 posts · Server infosec.exchange

Matano is live on the front page of HackerNews!! 🔥

Come join the discussion on OSS, SIEM, and why we are helping orgs build on top of vendor-agnostic Security Data Lakes instead 🙂

news.ycombinator.com

#cybersecurity #security #oss #hackernews #cloudsecurity #DetectionAndResponse #threathunting #threatdetection #datalake #awssecurity #aws #siem #securitydatalake

Last updated 2 years ago

Samrose · @samrose
40 followers · 12 posts · Server infosec.exchange

๐ŸŒ Announcing Matano + Suricata!

Suricata is a popular open source NIDS/NIPS engine used for network analysis and threat detection.

We just shipped out a new integration that allows you to easily push Suricata logs & alerts into a Matano Security Lake in your AWS account for realtime detection-as-code with Python and analysis using AWS Athena + SQL! 🚀

Interested in how to build your own Security Data Lake using Suricata logs?

Check out our blog post: matano.dev/blog/2023/01/12/sur 🔎

#opensource #infosec #networksecurity #suricata #OISF #intrustiondetection #intrusionprevention #ids #ips #nids #nips #cloudnative #cloudsecurity #rust #datalake #aws #awssecurity #ApacheIceberg #secops #security #siem #threatdetection #threathunting #DetectionAndResponse

Last updated 2 years ago

Noah McDonald · @noahmcdonald
26 followers · 19 posts · Server infosec.exchange

Following up on this post, Permiso wrote a blog explaining how attackers are abusing Simple Email Service (SES). Two blogs within a week of each other talking about the SES service being exploited... hope you are paying attention and learning from these! permiso.io/blog/s/aws-ses-pion

#aws #cloud #threatdetection

Last updated 2 years ago

Noah McDonald · @noahmcdonald
26 followers · 18 posts · Server infosec.exchange
Samrose · @samrose
22 followers · 6 posts · Server infosec.exchange

I'm excited to announce that Matano is joining YCombinator's W23 Batch! 🚀

SIEM today is broken -- it's too expensive, doesn't scale, has poor support for correlation, causes vendor lock-in, is inflexible for detection engineering, the list goes on...

My brother Shaeq and I quit our jobs at AWS to solve this problem and build a better solution for security operations and analytics that fully utilizes the power of cloud and big data tech available today.

While the cybersecurity industry has been held back by legacy architectures tied to age-old vendor products, the data analytics industry has seen a ton of innovation through open source initiatives such as Apache Iceberg, Parquet, and Arrow delivering massive cost savings and performance breakthroughs.

We started Matano to close the gap between these two worlds by building an OSS platform to help security teams leverage the modern data stack (e.g. Spark, Athena, Snowflake) to efficiently analyze security data from all the disparate sources across an organization (Cloud/SaaS, Endpoint, Network, etc.).

Matano helps Detection & Response teams break free from their SIEM by deploying a vendor-agnostic Security Data Lake into their AWS account and giving them a platform to build detection-as-code using Python and SQL!

This is just the beginning in our mission to build the first open platform for threat hunting, detection & response, and cybersecurity analytics at petabyte scale.

I am super grateful to all of our early supporters for the help & joining in on this journey to reinvent SIEM. Let's goo!

ycombinator.com/launches/Hl0-m

#startup #ycombinator #opensource #cybersecurity #cloudsecurity #awssecurity #siem #threatdetection #secops #devsecops #aws #infosec #dfir #DetectionAndResponse #soc #ApacheIceberg #security #datalake #blueteam

Last updated 2 years ago

Tanisha L. Turner · @cybersecdiva
137 followers · 29 posts · Server infosec.exchange
Recon InfoSec · @recon_infosec
519 followers · 27 posts · Server infosec.exchange

Another awesome in the books! Thanks so much to @olafhartong for the awesome discussion around leveraging Sysmon alongside EDR for and .

Tune in next week to hear from Chris Gerritz on Detection Engineering & Rule Writing!

Register here: reconinfosec.com/thursday-defe

#ThursdayDefensive #threatdetection #incidentresponse

Last updated 2 years ago