Blog 

Election Hacking

How credible is the threat, and how do we stop it?

5 Capabilities of a Modern Endpoint Protection Platform

In order to address the evolving threat landscape, the security industry has turned to more comprehensive endpoint protection platforms. What are they?

Fileless Malware 101: Understanding Non-Malware Attacks

Unlike attacks carried out using traditional malware, fileless malware attacks don’t entail attackers installing software on a victim’s machine. Instead, tools that are built-in to Windows are hijacked by adversaries and used to carry out attacks. Essentially, Windows is turned against itself.

Explaining Fileless Malware Succinctly with Examples from our Research

In Q1 2018, fileless attacks were up 94%. Learn about what fileless malware is with common examples from the Cybereason Nocturnus team's research.

How to Generate a Hypothesis for a Threat Hunt

Many find the process of threat hunting to be too demanding. What are you supposed to hunt? Where do you even begin?

Delayed Detections in MITRE ATT&CK: What Do They Mean for a Business?

During the recent MITRE evaluations, it became apparent that many security vendors, while able to detect threats, were doing so well after the fact. It's important to consider what these delayed detections would mean for a SOC experiencing a real breach.

The Round I MITRE ATT&CK Product Evaluations: A Guide By Security Experts

The MITRE ATT&CK framework is a complex solution to a complex problem. Rather than simply scoring vendors on a linear scale, it offers a more profound view of capabilities, applicability, and use-case. This is what you need to know about the way MITRE uses ATT&CK to evaluate security vendors, and how threat hunting factors into the ATT&CK framework.