Infocyte’s Top Cybersecurity and Threat Hunting Blogs of 2017

sharif khan

Time Revisit some of the Highlights from the Infocyte Blog 2017.

It’s hard to believe that 2018 is right around the corner. It’s been a memorable year in cybersecurity with some high-profile threats, surprising breaches and new statistics indicating that battle for enterprise security is far from solved. This is a perfect time to reflect on 2017 and revisit some of the highlights from the Infocyte Blog.

2017 has been an incredibly eventful year for Infocyte. Our innovations in post breach detection earned us a ‘Top 3 threat hunting solution’ review in Network World, Overall APT Solution of the Year in the 2017 CyberSecurity Breakthrough Awards, and earned us a spot on multiple Top Start-up Lists.

As for the cybersecurity industry, the past 12 months have been fraught with malicious malware and data breaches. Equifax, IHG Hotels, Arby’s, Chipotle, Brook’s Brothers, Kmart, and Sonic were just a few of the household brands to fall victim to high-profile cyber attacks, and the time to discovery for many of these incidents is concerning (see incident impact and dwell times below).

 

 

With cyber threats rapidly evolving, modern and proactive approaches to security, such as threat hunting, are more important than ever. At Infocyte we are working hard to empower organizations to detect stealthy malware and APTs that have evaded your first line defenses, to dramatically reduce dwell time and limit potential damage. Here’s a retrospective look at 2017’s security trends and best practices from the 10 most read articles on the Infocyte blog.
Have the lessons from 2017 sunk in, or were there some that you might have missed?

  1. Red Teams Advance is Memory Evasion Tradecraft: In this post, we look at three of the latest techniques that have surfaced to thwart advanced memory scanning techniques.
  2. Threat Hunting Using Forensic State Analysis: As a finalist in the 2017 SC Magazine’s Awards Ceremony for the Best Forensics Solution we look at why we’re an anomaly in this category, and how we have morphed endpoint digital forensics for proactive and scalable threat hunting with a process we call Forensic State Analysis (FSA).
  3. Scaling the Hunt for Fileless Malware: The recent explosion in mainstream attacks using “fileless” malware has left many organizations wondering how they can defend themselves. Infocyte has taken a unique approach to threat hunting that works by scanning key parts of volatile memory across thousands of systems at a time, making it possible to detect fileless malware at an enterprise scale.
  4. The Role of Automation and Human Analysis in Threat Hunting: As new techniques used to evade network defenses continue to emerge, enterprise security teams are increasingly turning to threat hunting to reduce the duration and damage of successful attacks. Yet, what comprises the actual activity of threat hunting is a topic of hot debate among cybersecurity experts. One of the looming questions on many CISOs minds is: ‘Can threat hunting be automated?’ Hardliners exist on either side of this question, but who is correct?
  5. Top Challenges and Benefits of a Threat Hunting Program: Threat hunting is gaining momentum in the industry as IT and security teams attempt to keep up with the constant barrage of new cyber threats and malware attacks. While companies are increasingly acknowledging they need to adopt threat hunting practices, according to a recent survey published by the SANS Institute many are struggling to adapt.
  6. Trends: The Endpoint Convergence is Upon Us: RSAC is the industry mecca for security pros looking to keep up to speed with the trends in information security and companies showcasing their innovations. Wandering the halls of RSAC this year, there was a lot of expected marketing hype and some compelling trends that emerged; some of them we saw coming…others were surprising.
  7. Uncovering a Major Hidden Risk of GDPR Legislation: All companies in Europe today are focused on GDPR compliance. The smart ones are approaching the preparation for future compliance in a methodical and phased way, beginning with an assessment of the current data protection measures in place and identifying gaps or other threats to data security.
  8. 4 Steps to Automating the Hunt for Cyber Threats: Learn the 4 key steps you need to put in place to get a threat hunting program jump started.
  9. The Data is In: The Faster You Hunt and Contain Breaches, The Smaller the Financial Impact: For the first time in a long time, the average data breach cost has declined 10% globally, according to the latest numbers from the Ponemon Institute’s 2017 Cost of Data Breach Study: Global Overview. The study also showed that how quickly an organization contained a data breach had a direct effect on the financial impact.
  10. Six Host Indicators of Compromise: Proactive threat hunting is quickly becoming a must for any organization that’s serious about protecting itself and its bottom line. But where do you start? We’ve assembled a list of the top 6 host indicators of compromise that every organization needs to be looking for to find hidden malware and APTs that threaten the security of your systems and data.

As we look to 2018, we are committed to continuing to create new standards in cybersecurity, provide you with commentary and tips on the latest in cybersecurity threats and best practices, and, most importantly, continue our commitment to deliver innovative, post breach detection solutions to reduce dwell time and limit the business impact.

See Infocyte HUNT in Action. Request a Live Demo.

Request a Live Demo of Our Award-winning Threat Hunting and Incident Response Platform.

More from our blog

cybersecurity siem alert validation fatigue

Security Brief: SIEM Alert Validation and the Dangers of Alert Fatigue

March 27, 2019

Despite the rich data provided by SIEMs, organizations find themselves drowning in false positives, making it difficult to focus on high-priority events. This problem of alert fatigue prevents cyber security teams from identifying and addressing real threats – impacting small teams with no SOC, large enterprise teams with a SOC, and MSSPs overseeing the security for many SOCs/customers.

Read More »
2018 healthcare data breaches report

5 Takeaways From Reviewing 2018’s Healthcare Data Breaches

March 19, 2019

In 2018, the U.S. Healthcare Industry Remained a Hot Target for Data Breaches. Last year alone, over 15 million patient records were affected with an average of one data breach occurring every 24 hours in the healthcare industry. It goes without saying that hackers and cyber attackers are finding ways around/through/past security defenses—exploiting vulnerabilities and…

Read More »
hidden cyber attacks

Hunting, Detecting, and Responding to Hidden Threats Using FSA

March 12, 2019

A Brief History of Forensic State Analysis Prior to starting Infocyte, our co-founders, Chris Gerritz and Russ Morris, created the first enterprise-scoped threat hunting team for the entire U.S. Department of Defense. Their teams were responsible for hunting, detecting, and responding to highly sophisticated attacks across an 800,000-node network. With virtually unlimited resources and access…

Read More »