Chris Gerritz
Many of us spent the holidays hunting for SolarWinds backdoors. So where are we now? What did we learn? What's left to be done? SUNBURST in 2021.
This post was last updated on December 23rd, 2020 at 04:09 pm.
Wednesday, December 23, Infocyte hosted a webinar with our Co-founder and Chief Product Officer, Chris Gerritz. Chris is a foremost expert in threat hunting and has done a significant amount of research around this recent backdoor and subsequent compromises. He’ll cover: Indicators to search…
This post was last updated on December 21st, 2020 at 02:31 pm.
Infocyte was recently recognized in Forrester’s Now Tech: Managed Detection and Response Services Providers, Q4 2020. This report showcases Infocyte as an easy path to implement endpoint detection and response (EDR) or managed detection and response (MDR) for mid-size organizations. This report highlights the…
Infocyte has published an official Infocyte extension which scans servers for all reported host-based indicators of compromise related to the SolarWinds Orion compromise.
The concept of “The Prevention Paradox” describes how an increase in prevention can cause you to be less secure. If you are scratching your head right now, you are not alone. This seems counterintuitive on the surface. But let’s go a step further. By preventing every attack vector you can detect, you lose visibility on adversaries…
This post was last updated on February 3rd, 2021 at 04:16 pm.
By Chris Auger
Regardless of your company’s size, from an attacker’s perspective, you have financial resources or can be a conduit to another organization’s funds. Today’s average attack is often part of an advanced persistent threat (APT) that has been in a compromised environment…
This post was last updated on December 1st, 2020 at 01:54 pm.
By Chris Mills
In a recent blog post around Cobalt Strike, Chris Gerritz spoke about how important it was to be prepared and have a true partner in the first hour of a security event. In speaking with our team over the last few…
This post was last updated on February 4th, 2021 at 06:53 pm.
John Norden
Microsoft 365 is the most popular SaaS productivity and back-office platform in the market today. Microsoft 365 can be a very secure solution, but it must be configured properly and monitored for malicious activity and environmental changes (like configuration, mail forwarding, etc).…
This post was last updated on October 20th, 2020 at 10:10 am.
By Chris Gerritz
Since 2012, Cobalt Strike has been utilized as a proactive way of testing network defenses against advanced threat actor tools, tactics, and procedures (TTPs). The aim, of course, is to mimic the most malicious threat actors and their techniques to test…
This post was last updated on September 15th, 2020 at 11:25 am.
By John Norden
Respond to threats with a click. Yes, really. One of the challenges that every organization faces is scaling their security team. We hear about it all of the time–the skills gap, talent shortage, or whatever buzzword you’d like to use, the…