Chris Gerritz

Behavioral Analytics Blog

Top 20 Adversary Techniques: Why 20?

Follow-up blog on why you should monitor for the Top 20 attacker behaviors: not 10, not 30.


Top 20 Most Common Hacker Behaviors

This post was last updated on March 30th, 2021 at 05:31 pm.

The top MITRE ATT&CK™ behaviors to monitor for on your endpoints and servers.

When the OWASP Top 20 Vulnerabilities was first published it revolutionized our industry’s approach to vulnerability management. Instead of playing whack-a-mole with thousands of individual vulnerabilities every time a new one…


Infocyte Partner Program Honored With 5-Star Rating in the 2021 CRN Partner Program Guide

Chris Auger

Infocyte is being acknowledged by CRN®, a brand of The Channel Company, in its 2021 Partner Program Guide. This annual guide provides a conclusive list of the most distinguished partner programs from leading technology companies that provide products and services through the IT Channel. The 5-Star rating is awarded to an exclusive group…


This Popular MITRE ATT&CK Metric Is Leading Us Astray

Chasing the unnecessary and unachievable need for FULL MITRE COVERAGE? Here’s why that’s a bad idea.


Infocyte’s Behavioral Analytics Engine Maps to MITRE ATT&CK Framework

This post was last updated on March 31st, 2021 at 10:33 am.

Security is dynamic because adversaries are always evolving and increasing their sophistication. Companies must defend against known attacks while also being able to stand up defenses to detect and halt emerging threats. Infocyte has provided strong detection capabilities through our threat intelligence, threat research…


Expanding Infocyte’s Threat Intelligence and Response Function

This post was last updated on March 29th, 2021 at 09:23 am.

At its core, Infocyte’s mission has always been to help our customers and partners to find, investigate and purge cyber threats from their networks. We do this through our automated SaaS platform and the expertise of our team. The challenge is security teams find…


Exchange Week 2 – Ransomware Joins The Fray

Following exposure and publication of a major remote execution vulnerability like Exchange’s ProxyLogon (CVE-2021-26855), we expect other threat actors to join the race against system administrators trying to patch their systems. Initial reporting showed the threat actor dubbed HAFNIUM was quietly exploiting these vulnerabilities since at least January 2021. Following the release of patches and responsible…


HAFNIUM Exchange Zero-Day Scanning

This post was last updated on March 26th, 2021 at 11:15 am.

The Microsoft Exchange Zero-day exploit drop this week is a big one with far-reaching implications for organizations in 2021. Infocyte recommends the following actions organizations need to take when these exploits are being used in the wild:

1. Take inventory. Do you host…


Responding to Microsoft 365 Attacks

This post was last updated on March 17th, 2021 at 09:35 am.

Responding to the December 2020 SolarWinds Supply Chain Attack (“Solarigate”) solidified one of the most pressing security gaps of this new decade: visibility and defense against cloud application attacks. In Solarigate, attackers used the tainted SolarWinds software as an entry vector into servers and…


Microsoft 365 Security for Extended Detection and Response

This post was last updated on February 4th, 2021 at 06:47 pm.

Watch our on-demand webinar around this topic here.

John Norden

As I mentioned in a recent blog post, Infocyte is expanding its platform capabilities by launching a Microsoft 365 security module this week. We are especially excited for this module which will enhance our…
