About Anthony M. Freed

Anthony M. Freed is the Senior Director of Corporate Communications for Cybereason, and was previously a security journalist who authored feature articles, interviews and investigative reports which have been sourced and cited by dozens of major media outlets. Anthony previously worked as a consultant to senior members of product development, secondary and capital markets from the largest financial institutions in the country, and he had a front row seat to the bursting of the credit bubble.

All posts by Anthony M. Freed

Telcos: The Supply Chain Attack You're Not Ready For

The potential impact from cyberattacks can be very far reaching–not just for the compromised Telcos, but also for their vast customer base whose data is also at risk...

October 18, 2022 / 3 minute read

Indicators of Behavior and the Diminishing Value of IOCs

IOBs describe the subtle chains of malicious activity derived from correlating enriched telemetry from across all network assets - but unlike backward-looking IOCs, IOBs offer a proactive means to leverage real-time telemetry to identify attack activity earlier, and they offer more longevity value than IOCs...

October 12, 2022 / 4 minute read

Why NGAV Displaced Traditional Antivirus Tools

NGAV can work to prevent the early stages of a ransomware attack that precede the delivery of the ransomware payload, and offers further protection by also assuring that payload is not detonated on the target machine in the case where the first stages of the attack were not detected...

October 11, 2022 / 4 minute read

Leveraging Indicators of Behavior for Early Detection

The key to early detection of advanced operations such as the SolarWinds attacks is in leveraging Indicators of Behavior (IOBs) to level-up to a more efficient and effective Operation-Centric approach to detecting the whole of an attack as opposed to responding to individual, uncorrelated alerts...

October 5, 2022 / 4 minute read

White Paper: Operation-Centric Security - Leveraging Indicators of Behavior for Early Detection

This paper details the Operation-Centric approach and how it can foster earlier detections based on Indicators of Behavior that empower security operations to dynamically adapt and predictively respond more swiftly than attackers can modify their tactics to circumvent defenses...

September 27, 2022 / 1 minute read

Defending Against Supply Chain and Ransomware Attacks

Attacks on organizations that originate from third-party partners and service providers are expected to rise in the coming years as attackers look for weak links in software supply chains in an effort to “attack one to attack all..."

September 27, 2022 / 4 minute read

How XDR Reduces the Total Cost of Security Operations

An AI-driven XDR solution unifies telemetry analysis to optimize efficacy, improves operational efficiency at scale, and eliminates detection blind spots by generating deeply contextual correlations from endpoints, identity management, workspaces, application suites, the cloud and more...

September 21, 2022 / 3 minute read

Preparing Your Organization for a Ransomware Attack

You cannot defend against RansomOps in traditional ways because it’s not a traditional threat, and a focus on detecting the ransomware executable alone is risky because that is the tail-end of a longer attack sequence, where the adversary already has unfettered access to your network...

September 20, 2022 / 4 minute read

AI/ML as a Security Team Force Multiplier

AI/ML is critical to automatically analyzing telemetry and correlating it at a rate of millions of events per second. Instead of manually querying data, analysts can spend more time acting on the insights produced by an AI/ML solution across disparate assets on the network...

September 14, 2022 / 4 minute read

Leveraging XDR for Cloud Workload Protection

An XDR solution for Cloud Workloads is ideal for hybrid, multi-cloud and containers to secure all of an organization's cloud-based assets, including microservices-oriented and serverless architectures...

September 14, 2022 / 4 minute read

How XDR Solves Key Challenges Facing Security Teams

With an AI-driven XDR solution, finding one component and being able to quickly ascertain relevant chains of potentially malicious behavior allows Defenders to see the entire operation from the root cause across every impacted user, device, and application...

September 7, 2022 / 5 minute read

RansomOps vs. Extended Detection and Response

RansomOps describes the entire multi-stage ransomware operation with an ensemble of players who contribute to these highly targeted attacks from initial ingress to lateral movement in the network to delivery of the final encryption payload...

September 6, 2022 / 6 minute read

Hackers vs. Attackers: It’s Not Always Black and White

Fire – good or bad? What about the internet? Taxes? Technology? If your answer is, “it depends,” you’re right, of course. And it’s the same for those with keen hacking skills - it all depends on how they are used...

August 30, 2022 / 4 minute read

Four Reasons to Implement an XDR Solution Today

So, you have a lot of visibility into your network and you know it because you have a ton of security alerts coming in - but that’s almost worse than having none if they lack the context and correlations required to really understand the scope of an attack...

August 3, 2022 / 3 minute read

Defending the Retail Sector Against Ransomware Attacks

One in three retailers attacked will pay the ransom, but less than ten percent will receive all their data back, and 80% of victims who pay the ransom end up getting hit with another attack. Why are retailers such an attractive target when it comes to ransomware?

August 2, 2022 / 4 minute read

Five of the Most Advanced RansomOps Gangs

Ransomware has transformed significantly over the past several years, and it is forcing security to evolve with it. These complex and highly targeted ransomware operations – or RansomOps – seek to infiltrate entire networks in order to extort multi-million dollar ransoms from targets...

July 27, 2022 / 4 minute read

How XDR Can Play a Key Role in Achieving Zero Trust

The first step in the Zero Trust journey begins with removing trust blinders and truly instrumenting, monitoring, and seeing malicious behaviors hiding in plain sight behind trusted identities and applications without disrupting or causing harm to IT and the business–XDR provides this capability...

July 26, 2022 / 4 minute read

Ransomware Attacks by the Numbers - and How to Defend Against Them

The complex, low and slow nature of these attacks, which seek to infiltrate as much of the targeted network as possible before detonating the ransomware payload, means the task of successfully defending against RansomOps attacks has never been more challenging, and the stakes for organizations are high...

July 20, 2022 / 5 minute read

Achieving High-Fidelity Detections with XDR

Attackers exploit gaps in visibility and hide in the network seams while security teams struggle to get actionable intelligence from a complex security stack. So where can security teams turn to reduce alert fatigue and increase operational efficacy and efficiency?

July 19, 2022 / 5 minute read

How an Integrated Approach is Key for Security Operations

XDR provides security teams with comprehensive visibility across the kill chain, all without requiring security analysts and incident response teams to manually investigate a flood of individual alerts. XDR allows security teams to move detection further to the left in the kill chain to reduce dwell time and disrupt attacks earlier in the attack sequence...

July 13, 2022 / 4 minute read

RansomOps: Not Your Parent’s Ransomware

Ransomware purveyors are moving away from high-volume attacks with low ransom demands in favor of more focused, custom attacks aimed at individual organizations selected for the ability to pay multi-million dollar ransom demands...

July 12, 2022 / 4 minute read

What's New with Ransomware Gangs?

New ransomware gangs have surfaced recently, bringing new techniques with them. As ransomware continues its quick pace of evolution, understanding the risk from complex RansomOps attacks and their impact to the business is key to preventing them...

July 7, 2022 / 5 minute read

Not All XDR is Created Equal

With so many XDR solutions available on the market today, organizations need to be careful about which one they choose. That’s because not all XDR platforms are created equal or deliver the same type of value - here's how to sort it all out...

June 29, 2022 / 4 minute read

What are the Legal Implications from a Ransomware Attack?

There are a variety of factors and risks which must be considered when deciding whether to pay a ransom, and organizations will need to be able to establish some level of attribution to know if the threat actor is subject to sanctions levied against specific nations...

June 28, 2022 / 6 minute read

How AI-Driven XDR Defeats Ransomware

Security teams shouldn’t need to manually triage and investigate disparate alerts from an array of solutions–they need to focus on shutting down a ransomware campaign as quickly as possible...

June 15, 2022 / 4 minute read

Defending Against the Five Stages of a Ransomware Attack

To defend against the latest threats, it is necessary to understand the scope of ransomware attacks in general and how they unfold so proactive anti-ransomware strategies can be adopted to better protect organizations from being victimized...

June 14, 2022 / 5 minute read

Spear Phishing: A Technical Case Study for XDR

Unlike more traditional tools, an XDR solution cuts through the noise to deliver efficiency through context-rich correlations that leverage all of an organization’s security telemetry from across disparate sources to quickly answer the question "are we under attack?"

June 1, 2022 / 5 minute read

Securing Your Organization’s Digital Transformation with XDR

To Defend Forward means aggressively collecting intelligence about adversaries’ tactics and strengthening proactive resiliency across the organization to make it more costly for adversaries to achieve their objectives...

May 25, 2022 / 4 minute read

Targeted by Ransomware? Here are Three Things to Do Straight Away

The only way organizations can successfully defend against ransomware and RansomOps attacks is to be able to detect them early and end them before any data exfiltration or encryption of critical files and systems can take place...

May 24, 2022 / 4 minute read

Harnessing the Power of AI-Driven XDR

AI/ML is really good at analyzing large data sets with a high degree of accuracy to identify events of concern at a scale manual human analysis can never match, relieving security teams of the tedious task of sorting the signal from the noise...

May 11, 2022 / 4 minute read

How Do Ransomware Attacks Impact Victim Organizations’ Stock?

After all the big ransomware attack headlines, one might be inclined to think that a successful ransomware attack would also impact a victim organization’s stock price over the long term, but so far that's not the case according to several studies...

May 9, 2022 / 5 minute read

Why XDR Adoption Should Be a CISO Priority

An AI-driven XDR solution allows Defenders to move from a "detect and respond" mode to a more proactive “predictive response” posture where the likely next steps in an attack are anticipated and blocked...

April 27, 2022 / 3 minute read

The State of Ransomware in the Retail Sector

Three-quarters of Retail organizations reported a significant loss of revenue after suffering a ransomware attack, more than half (58%) experienced employee layoffs, and one third were forced to temporarily suspend or halt their business operations altogether...

April 26, 2022 / 5 minute read

How Strategic Detections Set XDR Apart

Most XDR platforms ingest a variety of threat intelligence to spot known Indicators of Compromise (IOCs), but only an AI-driven XDR solution can detect based on the more subtle chains of activity known as Indicators of Behavior (IOBs)...

April 20, 2022 / 4 minute read

Ransomware Attacks: Can Cyber Insurance Protect Your Organization?

Nearly half of organizations with cyber insurance in place when they were victims of a ransomware attack said that their insurer only covered a portion of their losses, so they still needed to pay out of pocket significantly to cover the recovery costs...

April 19, 2022 / 3 minute read

Security Budgets Are Increasing - But So Are Attacks

An AI-driven XDR solution can correlate security telemetry from across the network to produce a complete picture of all elements of an attack to automate responses - basically eliminating the need for SIEM and SOAR tools in most circumstances...

April 13, 2022 / 4 minute read

White Paper: Inside Complex RansomOps and the Ransomware Economy

This white paper examines the growing threat from complex RansomOps, as well as the larger Ransomware Economy, and provides prescriptive guidance for organizations determined to remain undefeated by ransomware attacks...

April 12, 2022 / 1 minute read

Evaluating XDR Solutions? Caveat Emptor - Buyer Beware

Don’t be fooled by marketing ploys from vendors touting their latest big dollar acquisition of technologies they can’t integrate but still try to pawn off as XDR...

April 6, 2022 / 4 minute read

Ransomware vs. AI: The Battle Between Machines

An AI-driven XDR solution can cut through the noise introduced by a constant flood of alerts, allowing security teams to spend less time sifting through alerts and chasing false positives and more time detecting and blocking attacks...

April 5, 2022 / 4 minute read

Four Ways XDR Optimizes Your Security Stack

An AI-driven XDR solution enables organizations to embrace an operation-centric approach that delivers the visibility required to be confident they can halt attack progressions at the earliest stages...

March 30, 2022 / 4 minute read

How to Create an Effective Ransomware Response Plan

Organizations need to be capable of responding effectively to a ransomware attack in order to minimize impact to the business. Here are three things they should consider along the way...

March 29, 2022 / 4 minute read

AI-Driven XDR: Defeating the Most Complex Attack Sequences

Unlike pseudo-XDR offerings that are really just EDR tools with a cloud extension, an AI-driven XDR solution does not require that valuable telemetry be filtered out due to a platform’s inability to handle the volume of intelligence available...

March 23, 2022 / 4 minute read

Authentication Platform Okta Confirms Breach Impacts Customer Base

Authentication platform Okta has confirmed that they were breached and that their customer base was impacted after threat actors Lapsus$ gained access to the company’s internal environment...

March 22, 2022 / 3 minute read

The State of Ransomware in the Manufacturing Sector

Sixty percent of manufacturing organizations said they were struggling to defend against ransomware attacks due to their growing sophistication, while just under half noted that they were likely to get hit at some point...

March 22, 2022 / 3 minute read

Leveraging the X in XDR: Correlating Across Multiple Sources of Telemetry

One good way to spot pseudo-XDR offerings is to ask the provider if the tool has the ability to ingest and analyze all available telemetry, or if the platform has limitations that require "smart filtering" of some or most of the telemetry...

March 16, 2022 / 3 minute read

Leveraging Artificial Intelligence to Prevent RansomOps Attacks

Crowdstrike and SentinelOne platforms are forced to filter out critical event telemetry--and while they try to pawn off this deficit as a "feature" by calling it Smart Filtering, eliminating critical telemetry undermines their ability to detect complex RansomOps attacks at the earliest stages...

March 15, 2022 / 4 minute read

SecOps: Getting Behind the Wheel with XDR

An AI-driven XDR solution enables SecOps teams to embrace an operation-centric approach that delivers the visibility required to halt attack progressions at the earliest stages...

March 9, 2022 / 3 minute read

The Impact of Ransomware in the Healthcare Sector

Healthcare organizations need to assume that they’ll be hit, and it’s better to be prepared and never be the victim of a ransomware attack than it is to start the process of bolstering defenses after an attack has been successful...

March 8, 2022 / 3 minute read

Cybereason and MITRE Engenuity Center for Threat-Informed Defense Launch the Attack Flow Project

Cybereason and the MITRE Engenuity Center for Threat-Informed Defense launch the Attack Flow Project to develop a common data format for describing adversary behavior and improve defensive capabilities...

March 3, 2022 / 2 minute read

XDR is Here: How and Why to Get Started

AI-driven XDR automatically correlates telemetry from across endpoints, data centers, application suites, user identities and more, freeing security teams from the need to constantly triage a flood of non-contextual threat alerts and false positives...

March 2, 2022 / 3 minute read

What’s Next in the Evolution of Complex RansomOps?

Remember, the actual ransomware payload is the tail end of a RansomOps attack, so there are weeks or even months of detectable activity where a ransomware attack can be disrupted before there is serious impact...

March 1, 2022 / 3 minute read

Why Telemetry Correlations are Essential to XDR

Most EDRs can’t even handle all the telemetry available from endpoints, so jamming even more data into these tools that can’t actually correlate any of it effectively then trying to pass it off as XDR is simply a fool's errand...

February 23, 2022 / 3 minute read

Three Questions to Ask about Ransomware Preparedness

Organizations need to think strategically and be proactive about ransomware preparedness - here are three questions you should be asking in order to avoid being the victim of a successful RansomOps attack...

February 22, 2022 / 4 minute read

Securing Critical Infrastructure with XDR

There is the potential for these attacks to cross the cyber-physical divide by inadvertently or purposefully disrupting crucial systems that govern assets that are vital to the economy, national security, or protecting lives...

February 16, 2022 / 4 minute read

How to Prevent Ransomware Attacks at the Earliest Stages

This ongoing evolution of complex ransomware operations highlights the need to be strategic with RansomOps defense. Specifically, it underscores the importance of an operation-centric approach to RansomOps prevention...

February 15, 2022 / 4 minute read

Cybereason Partners with EGUARDIAN to Defend Organizations Against Complex Cyberattacks

“With Cybereason, I am confident we will be able to give Sri Lankan enterprises the right tools and technologies to successfully overcome increasing global cyber threats..."

February 14, 2022 / 1 minute read

Debunking Three Common Misconceptions about XDR

An AI-driven XDR solution provides Defenders with the ability to predict, detect and respond to cyberattacks across the entire enterprise network, including endpoints, identities, the cloud, application suites and more...

February 9, 2022 / 4 minute read

Financial Services and the Evolving Ransomware Threat

Attackers’ interest in targeting financial institutions aligns with larger trends that are shaping the ransomware threat landscape, like the increasing complexity of some ransomware operations–or RansomOps...

February 8, 2022 / 3 minute read

XDR: The Key to Empowering Your SOC

XDR can evolve with the changing threat landscape, can allow complex attack operations to be identified at the earliest stages, and can automate responses for a faster mean time to remediation at scale...

February 2, 2022 / 3 minute read

Three Reasons XDR Should Drive Your Security Strategy

Security teams are short-staffed, network complexity continues to increase and the cost of data breaches is growing - XDR offers an opportunity to reverse these trends and more...

January 25, 2022 / 4 minute read

Ten of the Biggest Ransomware Attacks of 2021

Researchers estimated there would be about 714 million ransomware attacks by the end of 2021, a 134% year-over-year increase from 2020. Let’s take a moment now to examine ten of the biggest ransomware attacks of 2021...

January 24, 2022 / 4 minute read

Five Ransomware Myths that Leave Businesses Vulnerable

Remember, the actual ransomware payload is the very tail end of a RansomOps attack, so there are weeks to months of detectable activity prior to the payload where an attack can be intercepted...

January 19, 2022 / 5 minute read

Evaluating Open XDR vs. Native XDR

Open XDR can leverage multiple security tools, vendors and telemetry types, all integrated into a single detection and response platform that centralizes behavior analysis...

January 19, 2022 / 3 minute read

What Are the Differences Between EDR, MDR and XDR?

Shortcomings in traditional tools explain why XDR is generating a lot of buzz - it extends the capabilities of EDR beyond endpoints to an organization’s cloud workloads, application suites, and user personas...

January 12, 2022 / 4 minute read

The State of Ransomware in the Public Sector

Things escalated even further in June of 2021, when public sector entities experienced 10 times as many ransomware attempts as organizations in other sectors, an increase of 917% year over year...

January 11, 2022 / 3 minute read

Automating the “R” in Your XDR Strategy

Advanced XDR doesn’t rely on a flood of non-contextual threat alerts from across disparate assets, but instead delivers deep context and correlations between assets to detect sooner and automates responses to mitigate faster...

January 5, 2022 / 5 minute read

History’s Most Notorious Ransomware Gangs

The actual ransomware payload is the very tail end of a RansomOps attack, so there are weeks or even months of detectable activity prior to the payload delivery where an attack can be intercepted proactively...

December 21, 2021 / 3 minute read

Leveraging the XDR Advantage in the Midst of a Pandemic

If a security provider’s EDR can’t handle all the endpoint telemetry required to detect and end attacks faster and more efficiently, you can be sure their XDR platform suffers similar limitations...

December 8, 2021 / 3 minute read

Ransomware by the Numbers – An Impact Overview

Despite the significant impact ransomware attacks have on organizations, most simply are not prepared to defend against them even if their organization has already suffered a successful ransomware attack...

December 7, 2021 / 4 minute read

AI/ML Powered Automation: The Future of Cybersecurity at Scale

The Cybereason Defense Platform leverages multiple layers of AI/ML analysis to quickly identify malicious chains of behavior, never before seen malware strains, complex ransomware attack sequences and other digital threats...

December 1, 2021 / 4 minute read

A Brief History of Ransomware Evolution

There have been over 200 ransomware attacks that have made headlines in 2021 so far - to understand how we got here, let's look at how the ransomware threat has evolved over the years...

November 30, 2021 / 5 minute read

Which Data Do Ransomware Attackers Target for Double Extortion?

The double extortion tactic is very effective because it undermines ransomware recovery strategies that rely on data backups - with double extortion the options for organizations become more limited...

November 23, 2021 / 4 minute read

Cybereason Research Finds Organizations Unprepared for Ransomware Attacks on Weekends and Holidays

The research findings highlight a disconnect between the risk ransomware poses to organizations during these off-hour periods and their preparedness to respond during weekends and into the holiday season...

November 17, 2021 / 4 minute read

RansomOps™: Detecting Complex Ransomware Operations

Remember, the ransomware payload is the tail end of a RansomOps attack, and there are weeks or months of detectable activity prior where an attack can be arrested before there is impact to the target...

November 16, 2021 / 3 minute read

Why XDR is a ‘Must Have’ for Organizations of Every Size

XDR collects all pertinent telemetry, uses AI to analyze it and add actionable context, then allows for true automation of responses across endpoints, on-prem and cloud workloads, user identities and more...

November 10, 2021 / 3 minute read

The Ransom Disclosure Act and Defending Against Complex RansomOps™

The ability to recognize RansomOps early in the attack progression is the key to preventing a successful ransomware attack and relegating the adversary activity to a much less disruptive intrusion or data exfiltration attempt...

November 9, 2021 / 3 minute read

Actionable XDR Telemetry vs. Uncorrelated SIEM Alerts

If a provider is trying to tout the elimination of valuable telemetry through “smart filtering” as a solution feature, this is a big red flag that should tell you they cannot deliver effective XDR - or even EDR for that matter...

November 3, 2021 / 3 minute read

What Are the Most Common Attack Vectors for Ransomware?

Exploiting Microsoft Remote Desktop Protocol (RDP) accounted for more than half of all ransomware infections, followed by email phishing and the exploitation of software vulnerabilities...

November 2, 2021 / 3 minute read

What is Advanced XDR? Understanding Extended Detection and Response

Cybereason Advanced XDR collects and analyzes 100% of event telemetry in real-time, processing more than 23 trillion security-related events per week with absolutely no “dumb filtering" that can leave your organization at risk...

October 27, 2021 / 3 minute read

An Operation-Centric Approach to RansomOps™ Prevention

Understanding RansomOps and strategies to detect and disrupt them early in the kill chain can turn a potentially devastating ransomware attack into a less disruptive intrusion and/or data exfiltration attempt...

October 26, 2021 / 4 minute read

Why All Telemetry is Essential for XDR Performance

Some vendors resort to "data filtering" where they eliminate vital telemetry before analysis, which produces an incomplete snapshot of an organization’s security posture and will not answer the question “are we under attack?”

October 20, 2021 / 3 minute read

What is the Dark Web Ransomware Marketplace?

Members of dark markets commonly promote Ransomware-as-a-Service (RaaS) operations where malicious actors post ads for different ransomware kits for rent and varying levels of support for RansomOps...

October 19, 2021 / 3 minute read

Microsoft’s Failure to Prioritize Security Puts Everyone at Risk

No matter how you justify the “savings” in bundling IT and Security spend together with a (still very expensive) E5 license, the fact is you’d essentially be paying Microsoft twice to protect you from… Microsoft...

October 14, 2021 / 5 minute read

What is the Importance of XDR in Cloud Security?

The Cybereason XDR Platform draws upon IOCs as well as Indicators of Behavior (IOBs), which provide insight into the more subtle signs of compromise to protect on-prem and cloud, identities, and applications from exploitation...

October 13, 2021 / 3 minute read

What is Ransomware-as-a-Service and How Does it Work?

RansomOps attacks begin with a developer making malicious code available on the black market - the custom code delivers the ransomware payload and the RaaS providers help negotiate payment, and they split the fee with the affiliate...

October 12, 2021 / 3 minute read

How Do Initial Access Brokers Enable Ransomware Attacks?

Microsoft Remote Desktop Protocol (RDP) vulnerabilities accounted for over half of all ransomware attacks, where Initial Access Brokers scan for exposed RDP ports and then sell network access to ransomware groups...

October 5, 2021 / 4 minute read

How Does XDR Solve the IT Infrastructure Visibility Gap?

Detection and Response was once limited to traditional endpoints, but XDR means it can now be applied across applications, cloud workloads, user personas and more to correlate events across these disparate elements...

September 29, 2021 / 3 minute read

Ransomware Prevention vs. Recovery: Which Costs Businesses More?

Research demonstrates that it is significantly less costly to prevent a ransomware attack than to suffer a ransomware infection and pay the costs to recover fully - so what's the hesitation?

September 28, 2021 / 3 minute read

How XDR is Changing Security for the Better

XDR allows organizations to move to an operation-centric approach by freeing SOC analysts from an alert-centric posture that cannot scale to keep up with the rapidly evolving threat landscape...

September 22, 2021 / 3 minute read

How the Ransomware Gangs Stay One Step Ahead

Maze and LockBit collaboration highlights how ransomware gangs share infrastructure, expertise and stolen data, which helps attackers evolve by learning from one another...

September 21, 2021 / 3 minute read

Four Considerations for Evaluating XDR Platforms

There’s a growing need for the more holistic approach to threat detection and response that XDR can deliver. Why? Just look at what’s going on in the digital threat landscape...

September 15, 2021 / 3 minute read

What is Driving the Surge of Ransomware Attacks?

More digital infrastructure means organizations have more assets that attackers can use as attack vectors to establish a foothold on the network before moving laterally and deploying their ransomware payloads...

September 14, 2021 / 3 minute read

Busted: Taking Down Ransomware Attackers

The attention surrounding ransomware might be unprecedented this year, and law enforcement has brought ransomware actors to justice in the past. Let’s look at a few examples...

September 8, 2021 / 3 minute read

The Value Drivers for an XDR Investment

Consider the value of stopping a ransomware attack at initial ingress or at lateral movement on the network versus a costly and disruptive incident response scramble and “roll-back” of encryption on every affected system...

September 1, 2021 / 3 minute read

Evolving Ransomware Tactics Include Recruiting Insiders and DDoS Attacks

Ransomware gangs are targeting insiders to give them network access as well as threatening targets with DDoS attacks if they refuse to pay a ransom demand in double extortion schemes...

August 31, 2021 / 3 minute read

How XDR Delivers on SOAR’s Unfulfilled Promises

After being around for years, has SOAR really delivered on any of the lofty promises? Ask any user, and their answer will most likely be “kind of" because analysts still need to manually intervene and sift through all the “well organized noise...”

August 25, 2021 / 3 minute read

Three Reasons Why You Should Never Pay Ransomware Attackers

After falling prey to a ransomware attack, most organizations are faced with the decision of whether they’re going to pay the ransom demand. We’ll save you some time: it’s not worth it, and here are three of the many reasons why it does not pay to pay...

August 18, 2021 / 3 minute read

XDR: The Key to Solving SIEM Shortcomings

SIEMs were intended to solve an array of issues by using automation to better enable analysts to detect and respond to security issues more quickly. But have SIEM solutions really delivered on their promises?

August 17, 2021 / 3 minute read

Who Are the Main Targets of Ransomware Attacks?

With RansomOps™ attacks, the goal is to choose a target that is in a sensitive industry like critical infrastructure, as well as selecting targets based on their ability to pay an incredibly large ransom demand...

August 10, 2021 / 3 minute read

XDR: The Next Step in Threat Detection and Response

XDR frees security analysts from tedious manual tasks through automation for enhanced threat detection and response, allowing them to focus on their organizations’ overall security posture...

August 9, 2021 / 3 minute read