Infocyte is proud to be an NCSAM Champion. Each week NCSAM has a new theme to help drive cybersecurity awareness, whether you’re an individual looking to better protect your own personal data or an enterprise looking to keep on top of best practices.
This year’s enterprise theme is Protecting Critical Infrastructure From Cyber Threats: The systems that support our daily lives – such as electricity, financial institutions, and transportation – are increasingly dependent upon the internet. Building resilience in critical infrastructure is crucial to our national security.
We’ve pulled together our top requested resources on enterprise threat hunting to help you better understand the key role it plays in identifying and combating malware and persistent threats that could be hiding in your systems. From enterprise security novices to hunting pros, there’s something for everyone to remain #CyberAware.
The cyber attacks reported by the media continue to highlight a common thread – many of the breaches have gone undetected for weeks, months and sometimes years – take the recent Wendy’s breach for example. We call this the Breach Detection Gap (BDG) or dwell time, and it is defined as the time elapsed between the initial breach of a network by an attacker and the discovery of that breach by the victim. Learn how long the average breach goes undetected and what you can do to close the gap.
The reality of today’s cybersecurity landscape is that, within a complex enterprise network, no amount of investment in security controls will stop every breach, nor will it stop a well-resourced and determined attacker from getting in if they want to. This realization has pressed many organizations to expand beyond reactive intrusion detection systems and invest in a proactive new approach called threat hunting. Read this primer that answers the question “what is threat hunting” for those less familiar with this cyber practice.
Cyber hunting has increasingly become a hot topic in the security industry. However, industry commentators and experts alike all seem to agree that the only way to do this is using highly skilled and trained forensic threat hunting teams. We examine why you don’t need to be an expert to cyber hunt.
Looking to capitalize on the benefits, the security market has suddenly become crowded with solutions that all claim to offer threat hunting capabilities: EDR, DFIR, Behavior Analysis and FSA. We’ve put together a white paper to help you understand the differences between these threat hunting tools, the role each plays in breach detection and prevention, and where solutions such as FSA fit within the tool belt of the hunter.
For the first time in a long time, the average data breach cost has declined 10% globally, according to the latest numbers from the Ponemon Institute’s 2017 Cost of Data Breach Study: Global Overview. The study also showed that how quickly an organization contained a data breach had a direct effect on the financial impact. Learn why.
As new techniques used to evade network defenses continue to emerge, enterprise security teams are increasingly turning to threat hunting to reduce the duration and damage of successful attacks. Yet what comprises the actual activity of threat hunting is a topic of hot debate among cybersecurity experts. One of the looming questions on many CISOs’ minds is: ‘Can threat hunting be automated?’ Hardliners exist on either side of this question, but who is correct? Read on to find out.
In a recent Crowd Research Threat Hunting Survey, 79% of respondents said that threat hunting is a top security initiative for 2017. However, despite the intent to become more proactive in their security approach, respondents said that 43% of their time is spent reacting to threats and only 23% proactively seeking them. Learn the 4 key steps you need to put in place to jump-start a proactive threat hunting program.
Last year stands out for the astronomical growth of malware, resulting in a significant increase in the sheer volume of cyber attacks on enterprises, organizations, nations, and infrastructure. Some estimate that in 2016 malware attacks quadrupled from previous numbers. Learn about the increased threats for 2017 and get guidance on how to respond and react to malware using threat hunting.
Learn why the current defense in depth model, as it is applied in many organizations, leaves critical gaps which allow attackers to remain undetected. Explore the MITRE ATT&CK model and how threat hunting and post-compromise detection address those gaps to better protect your critical IT and data.
In this recorded webinar, threat hunters from the SANS Institute and Infocyte discuss how to adapt Digital Forensics & Incident Response (DFIR) techniques to scalably and proactively hunt for unknown threats across an entire enterprise network. This approach is called Forensic State Analysis (FSA). Ultimately, FSA arms hunters with an effective and efficient methodology to hunt without relying solely on sophisticated security infrastructure, sensors, or big data.
More from our blog
Despite the rich data provided by SIEMs, organizations find themselves drowning in false positives, making it difficult to focus on high-priority events. This problem of alert fatigue prevents cyber security teams from identifying and addressing real threats – impacting small teams with no SOC, large enterprise teams with a SOC, and MSSPs overseeing the security for many SOCs/customers.
In 2018, the U.S. Healthcare Industry Remained a Hot Target for Data Breaches. Last year alone, over 15 million patient records were affected, with an average of one data breach occurring every 24 hours in the healthcare industry. It goes without saying that hackers and cyber attackers are finding ways around/through/past security defenses—exploiting vulnerabilities and…
A Brief History of Forensic State Analysis
Prior to starting Infocyte, our co-founders, Chris Gerritz and Russ Morris, created the first enterprise-scoped threat hunting team for the entire U.S. Department of Defense. Their teams were responsible for hunting, detecting, and responding to highly sophisticated attacks across an 800,000-node network. With virtually unlimited resources and access…