October is National Cyber Security Awareness Month (NCSAM).
Since its inception under leadership from the U.S. Department of Homeland Security and the National Cyber Security Alliance, NCSAM has grown exponentially, reaching consumers, small and medium-sized businesses, corporations, educational institutions and young people across the nation.
This week’s theme is Recognizing and Combating Cybercrime. We’ve pulled together some resources on threat hunting and the important role it plays in identifying and combating malware and persistent threats that have made it onto your systems. From beginners to security pros, there’s something for everyone to remain #CyberAware.
Threat Hunting 101
The reality of today’s cybersecurity landscape is that, within a complex enterprise network, no amount of investment in security controls will stop every breach, nor will it stop a well-resourced and determined attacker from getting in if they want to. This realization has pressed many organizations to expand beyond reactive intrusion detection systems and invest in a proactive new approach called threat hunting. Read this primer that answers the question “what is threat hunting” for those less familiar with this cyber practice.
The Breach Detection Gap and Strategies to Close It
This white paper examines why adversaries are successful in persisting in networks; the limitations of existing security technologies and methodologies to discover threats once they are inside; and how dedicated hunt technology and processes can work with your existing security infrastructure to deny attackers the ability to persist undetected. Download now.
Assessing Cybersecurity Risk in a Breached World
This white paper introduces the role of, and the need for, a Compromise Assessment, a new class of security assessment that seeks to identify unknown security breaches and adversary presence (i.e., malware, compromised systems, or malicious/unauthorized account use) within a network. It also demonstrates how the latest “hunt” methodologies and technologies can best be applied to deliver a rapid and effective compromise assessment, giving information risk managers unparalleled fidelity and confidence in the status of their networks. Download now.
Malware Hunting – Cyber Talk Radio Episode 3
Infocyte’s Chris Gerritz recently joined Cyber Talk Radio to discuss malware hunting, a complicated topic he made approachable. Once an attacker is in your network, they become a persistent threat. It isn’t always a case of break in, rob you and leave. They want to move in and dig in their hooks. When they’re good at it, the security community calls it an Advanced Persistent Threat (APT). Listen to the broadcast.
No Experience Required: Why you don’t need to be an expert to cyber hunt
Cyber hunting has increasingly become a hot topic in the security industry. However, industry commentators and experts alike all seem to agree that the only way to do this is using highly skilled and trained forensic threat hunting teams. We examine why you don’t need to be an expert to cyber hunt.
Interested in staying Cyber Aware?
Follow us on Twitter @InfocyteInc to get updates on our latest insights and resources on cybersecurity and threat hunting.