Ross Clurman


Security Brief: SIEM Alert Validation and the Dangers of Alert Fatigue

By Ross Clurman / March 27, 2019 / 0 Comments

Despite the rich data provided by SIEMs, organizations find themselves drowning in false positives, making it difficult to focus on high-priority events. This problem of alert fatigue prevents cyber security teams from identifying and addressing real threats – impacting small teams with no SOC, large enterprise teams with a SOC, and MSSPs overseeing the security for many SOCs/customers.


5 Takeaways From Reviewing 2018’s Healthcare Data Breaches

By Ross Clurman / March 19, 2019 / 0 Comments

In 2018, the U.S. Healthcare Industry Remained a Hot Target for Data Breaches. Last year alone, over 15 million patient records were affected with an average of one data breach occurring every 24 hours in the healthcare industry. It goes without saying that hackers and cyber attackers are finding ways around/through/past security defenses—exploiting vulnerabilities and…


Hunting, Detecting, and Responding to Hidden Threats Using FSA

By Ross Clurman / March 12, 2019 / 0 Comments

A Brief History of Forensic State Analysis

Prior to starting Infocyte, our co-founders, Chris Gerritz and Russ Morris, created the first enterprise-scoped threat hunting team for the entire U.S. Department of Defense. Their teams were responsible for hunting, detecting, and responding to highly sophisticated attacks across an 800,000-node network. With virtually unlimited resources and access…


Root Cause Analysis: Finding Patient Zero During a Cyber security Incident

By Ross Clurman / February 21, 2019 / 0 Comments

Our New Root Cause Analysis Tool is Designed to Help IR Teams Trace the Source of Suspicious Activity

In Q1, we released new tools to assist cybersecurity incident responders. One of those new features is a root cause analysis tool, designed to help IR teams trace the source of suspicious activity or identified threats…


Infocyte Partners With Check Point Software Technologies For Cloud-delivered Compromise Assessments, Proactive Threat Detection, Faster Incident Response

By Ross Clurman / February 19, 2019 / 0 Comments

Infocyte, a cybersecurity company focused on proactive threat detection and incident response, and Check Point Software Technologies Ltd., a leading provider of cyber security solutions globally, are partnering to deliver faster threat detection and incident response services on compromised hosts. As part of the partnership, Infocyte’s platform, Infocyte HUNT, will be integrated with Check Point’s suite of advanced services.


Cybersecurity 101: What You Need To Know About False Positives

By Ross Clurman / February 16, 2019 / 0 Comments

… and False Negatives

An Overview of False Positives and False Negatives

Understanding the differences between false positives and false negatives, and how they’re related to cybersecurity, is important for anyone working in information security. Why? Investigating false positives is a waste of time/resources and distracts your team from focusing on real cyber incidents (alerts)…


Three Use Cases For Proactive Threat Hunting and Detection Within Healthcare Organizations

By Ross Clurman / February 8, 2019 / 0 Comments

Malware Hunting is a Necessity in Today’s Enterprise IT Environments

Cyber attacks are evolving so rapidly that security teams are struggling to integrate and operationalize security tools that apply to only one area of the protection model. Malware Hunting (threat hunting), for example, is becoming a necessity in today’s enterprise IT environments — especially for…


Infocyte Launches Root Cause Analysis Tool, Activity Trace™, Featuring Automated Timelining, Triage, And Instant Patient Zero Visibility For Host-based Attacks

By Ross Clurman / February 5, 2019 / 0 Comments

Infocyte, developer of the leading host-based cyber threat hunting and incident response platform, announced the release of Infocyte HUNT Cloud. The software-as-a-service platform is available for both end customers and through partners, such as MSSPs—enabling them to deploy turnkey multi-tenant threat hunting and response capabilities to complement their existing prevention and monitoring solutions.


How Infocyte’s MDR Services Significantly Reduce Cyber Risk

By Ross Clurman / February 1, 2019 / 0 Comments

Case Study: Building on our latest three blog posts in our series outlining how to manage and reduce your organization’s cyber risk, we wanted to show you how these principles (of reducing cyber risk) apply in a real-world case study. To do so, we’ll quickly drill down into detection and response capabilities that can reduce…


Reducing Cyber Risk: 5 Tweaks to Your Incident Response Plan

By Ross Clurman / January 22, 2019 / 0 Comments

An Incident Response Plan is a Crucial Set of Instructions Designed to help your IT department—security team at larger companies—properly deal with the slew of network security incidents that can hamper your business at any given moment. Such incidents include (but are not limited to) ransomware, data breaches, service outages, and cyber crimes such as…
