Betanews: Why vulnerability management needs a refresh [Q&A] https://betanews.com/2023/09/06/why-vulnerability-management-needs-a-refresh-qa/ #Vulnerabilitymanagement #threatdetection #cybersecurity #Article #QA

Tip: Regularly review and refine your analytics rules in Microsoft Sentinel to optimize detection accuracy and minimize false positives. Stay updated with the latest threat intelligence to enhance your rule sets. #ThreatDetection #MicrosoftSentinel

@sysdig is staking its claim in #CNAPP based on that runtime #threatdetection and response, which was a selling point for @bigcommerce last year. #cloudnativesecurity #cybersecurity https://www.techtarget.com/searchitoperations/news/366539616/Sysdig-CNAPP-runtime-threat-detection-wins-over-BigCommerce

Attention, GISEC Global attendees! Swing by booth A50 in Hall 7 for cool swag and more 👕 🖊️ 🥤 @corelight and Spire Solutions experts will be on hand to share how security teams are expanding network visibility, accelerating #incidentresponse, improving #threatdetection, and reducing #securityoperations costs with Open #NDR. Come learn how your team can do the same! Book a meeting ➡️ https://corelight.com/contact?hsCtaTracking=5ac55411-1d8c-4ad9-b3e1-811fed6bdd22%7C342049df-71c2-46e0-b967-fd4ad362f2e3

More about the event: https://www.gisec.ae/

#NetworkSecurity #Cybersecurity #DFIR #ThreatHunting

Attention, GISEC Global attendees! Swing by booth A50 in Hall 7 for cool swag and more 👕 🖊️ 🥤 @corelight and Spire Solutions experts will be on hand to share how security teams are expanding network visibility, accelerating #incidentresponse, improving #threatdetection, and reducing #securityoperations costs with Open #NDR. Come learn how your team can do the same! Book a meeting ➡️ https://corelight.com/contact?hsCtaTracking=5ac55411-1d8c-4ad9-b3e1-811fed6bdd22%7C342049df-71c2-46e0-b967-fd4ad362f2e3

More about the event: https://www.gisec.ae/

#NetworkSecurity #Cybersecurity #DFIR #ThreatHunting

Come say hi to Corelight and Spire Solutions at booth A50 in Hall 7 during GISEC Global in Dubai next week! Our experts will be on hand to share how to expand network visibility, accelerate #incidentresponse, improve #threatdetection, and reduce #securityoperations costs. Plus we'll have swag — you don't want to miss it! https://www.gisec.ae/

#NetworkSecurity #Cybersecurity #DFIR #ThreatHunting

This week our own Ralf Schmitz will be presenting "Network Transparency with Open NDR" at CyberSec Munich, which will focus on why #networksecurity is critical to effective #cyberdefense. If you plan on attending the event, swing by the exhibit hall to speak with our Corelight experts about the latest in #incidentresponse acceleration and #threatdetection expansion.

To learn more about Corelight's Open NDR Platform, visit our website: https://corelight.com/products/open-ndr/

Find out more about CyberSec Munich here: https://epnlive.com/event/cybersecmunich23/

#Cybersecurity #CloudSecurity #DFIR

Join the (ISC)² Central Ohio Chapter for its monthly "drinking club with a #security problem" chapter meeting on March 6. Come have a beer, enjoy some snacks, and talk about the latest in #cybersecurity 🍺🍿🔐 Reserve your spot today: https://www.eventbrite.com/e/isc2-central-ohio-march-monthly-chapter-meeting-tickets-489634498967?aff=ebdsoporgprofile

For the latest in #threatdetection and #incidentresponse, check out our blog: https://corelight.com/blog

#NetworkSecurity #NDR #SecOps #DFIR

What exactly is Network Detection and Response (#NDR)? How is it different from Endpoint Detection and Response (#EDR)? And why is this technology more relevant for #threatdetection and #threathunting than ever? Our own Jean Schaffer, a #cybersecurity expert with more than 33 years with the United States Department of Defense , answered these questions and more in a recent mnemonic podcast with Robby James Peralta. Listen here 🎙️: https://mnemonic.buzzsprout.com/652378/12171841-network-detection-and-response-ndr-the-value-of-evidence

#NetworkSecurity @corelight

Some of our brilliant #ThreatIntel team members, Amit Malik and Pratik Jeware from Uptycs, talking about #macOS #malware and the ways to leverage #osquery for detection at Nullcon.

#ThreatDetection #DFIR
https://youtu.be/UjttDseKXaA

Check out the latest #ElasticSecurityLabs research from
@sbousseaden, a deep-dive into hunting for malicious DLLs for #threatdetection: https://go.es.io/3jMg8rL

TRUCK SIZE ASTEROIDS LIKE THE ONE THAT JUST MISSED US AREN'T THAT DANGEROUS, BUT OLYMPIC POOL SIZED ASTEROIDS ARE, AND JUST AS HARD TO SEE

*asteroids 5-to-50 meters in diameter, that also includes those as big as an Olympic swimming pool. Objects that size are difficult to detect until they wander much closer to Earth, complicating any efforts to brace for one that could impact a populated area.*

#Asteroid's sudden flyby shows blind spot in planetary #threatdetection
https://www.reuters.com/lifestyle/asteroids-sudden-flyby-shows-blind-spot-planetary-threat-detection-2023-01-29/

New episode of DISCARDED! 🎙️🔮

We’re joined by Rich Gonzalez, Daniel Blackford, and @adorais to talk about what we expect to see from threat actors in this year. Lots of really great insights about actor TTP changes, vulnerability exploitation, MFA bypass, and more. Tune in!

#podcast #cybersecurity #threatintelligence #threatdetection #thrunting

Apple: https://podcasts.apple.com/us/podcast/discarded-tales-from-the-threat-research-trenches/id1612506550?i=1000596376028

Spotify: https://open.spotify.com/episode/15SwTlR0ziMoHSfSAJVuyC?si=b5268e7df9f744e5

Google: https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGVyLmZtLzE5ODY3L3Jzcy54bWw/episode/aHR0cHM6Ly9hcGkuc3ByZWFrZXIuY29tL2VwaXNvZGUvNTI1MzI2MTc

Web: https://www.proofpoint.com/us/podcasts/discarded#123486

Matano is live on the front page of HackerNews!! 🔥

Come join the discussion on OSS, SIEM, and why we are helping orgs build on top of vendor-agnostic Security Data Lakes instead 🙂

https://news.ycombinator.com

#cybersecurity #security #oss #hackernews #cloudsecurity #detectionandresponse #threathunting #threatdetection #datalake #awssecurity #aws #datalake #siem #securitydatalake

🌐 Announcing Matano + Suricata!

Suricata is a popular open source NIDS/NIPS engine used for network analysis and threat detection.

We just shipped out a new integration that allows you to easily push Suricata logs & alerts into a Matano Security Lake in your AWS account for realtime detection-as-code with Python and analysis using AWS Athena + SQL! 🚀

Interested in how to build your own Security Data Lake using Suricata logs?

Check out our blog post: https://www.matano.dev/blog/2023/01/12/suricata-support 🔎

#opensource #infosec #networksecurity #suricata #oisf #intrustiondetection #intrusionprevention #ids #ips #nids #nips #cloudnative #cloudsecurity #rust #datalake #aws #awssecurity #apacheiceberg #secops #security #siem #threatdetection #threathunting #detectionandresponse

Following up on this post, Permiso wrote a blog explaining how attackers are abusing Simple Email Service (SES). Two blogs within a week of each other talking about the SES service being exploited... hope you are paying attention and learning from these! https://permiso.io/blog/s/aws-ses-pionage-detecting-ses-abuse/ #aws #cloud #threatdetection

How did I miss this gem of a blog by Lightspin https://blog.lightspin.io/the-guide-to-analyzing-kubernetes-runtime-detection-alerts-using-amazon-athena #cloud #aws #threatdetection

I'm excited to announce that Matano is joining YCombinator's W23 Batch! 🚀

SIEM today is broken -- it's too expensive, doesn't scale, has poor support for correlation, causes vendor lock-in, is inflexible for detection engineering, the list goes on...

My brother Shaeq and I quit our jobs at AWS to solve this problem and build a better solution for security operations and analytics that fully utilizes the power of cloud and big data tech available today.

While the cybersecurity industry has been held back by legacy architectures tied to age-old vendor products, the data analytics industry has seen a ton of innovation through open source initiatives such as Apache Iceberg, Parquet, and Arrow delivering massive cost savings and performance breakthroughs.

We started Matano to close the gap between these two worlds by building an OSS platform to help security teams leverage the modern data stack (e.g. Spark, Athena, Snowflake) to efficiently analyze security data from all the disparate sources across an organization (Cloud/SaaS, Endpoint, Network, etc.).

Matano helps Detection & Response teams break free from their SIEM by deploying a vendor-agnostic Security Data Lake into their AWS account and giving them a platform to build detection-as-code using Python and SQL!

This is just the beginning in our mission to build the first open platform for threat hunting, detection & response, and cybersecurity analytics at petabyte scale.

I am super grateful to all of our early supporters for the help & joining in on this journey to reinvent SIEM. Let's goo!

https://www.ycombinator.com/launches/Hl0-matano-open-source-siem-alternative-for-aws

#startup #ycombinator #opensource #cybersecurity #cloudsecurity #awssecurity #siem #threatdetection #secops #devsecops #aws #infosec #dfir #detectionandresponse #soc #apacheiceberg #security #datalake #blueteam

VulChatGPT - An IDA PRO plugin that helps find vulnerabilities in binaries:
https://github.com/ke0z/VulChatGPT

#threatdetection #threatintel
#chatgpt #securityvulnerabilities
#idapro

Another awesome #ThursdayDefensive in the books! Thanks so much to @olafhartong for the awesome discussion around leveraging Sysmon alongside EDR for #ThreatDetection and #IncidentResponse.

Tune in next week to hear from Chris Gerritz on Detection Engineering & Rule Writing!

Register here: https://www.reconinfosec.com/thursday-defensive/