9.16.20
Security Alert: Detecting CVE-2020-1472 Zerologon Exploitation with NDR
The recent Zerologon vulnerability (CVE-2020-1472) could allow attackers to get control of a Windows domain without any user credentials. Learn how it works and how to protect against exploits.
Jeff Costlow
9.11.20
Alerts That Matter: Knowing When (and How) to Take Decisive Action
Sophisticated cyberattacks go undetected for weeks or months, and when discovered, security analysts struggle to contain the compromise and assess its scope. Most detection tools are able to create incident tickets, but noisy detections quickly become "ticket spam" and contribute to the security analyst's challenge of rising above the noise.
Jesse Munos
9.4.20
How to Respond to Incidents Quickly Despite Intentionally Confusing False Flags
False flags are deliberately planted details meant to distract or mislead investigators. Learn what to look out for and how to get more context.
Tyson Supasatit
9.1.20
Strange Behavior: The Case for Machine Learning in Cybersecurity
Many people are justifiably skeptical of machine learning's value. The strongest case for ML in cybersecurity lies in detecting unusual behavior that other approaches miss.
Tyson Supasatit
8.28.20
How To Monitor Sensitive Data & Stop Exfiltration via The Network
Monitoring sensitive data movement in the enterprise network can stop breaches by catching insider threats or adversaries before they can exfiltrate valuable data. This post outlines why the status quo isn't enough, and how network detection and response tools can help.
Chase Snyder
8.27.20
Uncovering the Unknown: Proactive, Covert Identification of Evasive Threats
Attackers are constantly evolving their tactics and techniques to avoid detection. But attackers can't eliminate all traces of their activities. Here is how ExtraHop Reveal(x) streamlines the threat hunting process.
Jesse Munos
8.27.20
Ready for Federal: Reveal(x) in Continuous Diagnostics & Mitigation (CDM) Program
With ExtraHop Reveal(x) now available under the CDM APL, U.S. federal agencies have new ways to add industry-leading network detection and response capabilities.
Patrick Park
8.26.20
The Security Flywheel: A Simpler, More Effective Approach
Security doesn't exist in a vacuum: it's an integral part of the many processes that make a business run—and succeed.
Michael McPherson
8.26.20
SANS on Building Effective SOC Teams Despite the Skills Gap
A recent SANS survey found that, because of budget limitations, more companies are reconsidering their security staff hiring. Given that necessary skills are still in demand, Security Operations Managers will need to take a different approach to bridge the gap.
Carol Caley
8.26.20
The Tricks of Our Trade: How Reveal(x) Uses Machine Learning
Machine learning is not magic, and not all machine learning is created equal. ExtraHop Reveal(x) makes life easier for security teams with ML subsystems for Perception, Detection, and Investigation.
Edward Wu
8.20.20
How To Get a Complete Inventory of Devices on Your Network That Won't Go Out Of Date
Device inventory is vital to security, and is the first requirement of the CIS Top 20 security controls, but current inventory tech leaves huge blind spots. How can you get a better inventory without undue management hassle?
Chase Snyder
8.19.20
The Security Doom Loop: Shelfware, Alert Cannons, and Analyst Fatigue
The job of a security analyst is hard enough as it is. Add mountains of software to navigate, barrages of alerts, and cross-team finger-pointing and you find yourself in the security doom loop.
Michael McPherson
8.18.20
How to Respond to an Incident Part 2: Top 3 Actions to Improve Your Security Operations
Karen Crowley
8.18.20
Debunking the Myths on NDR Selection Criteria
Learn about the myths often spread by network detection & response vendors to hide gaps in functionality, & how to evaluate a best-of-breed NDR tool.
Jesse Munos
8.17.20
How to Respond to a Security Incident Part 1: What Does "Response" mean to you?
Karen Crowley
8.17.20
When They're Already Inside the Walls: How to Detect and Stop Lateral Movement
Attackers spend a lot of time moving laterally within your environment, trying to reach their targets. Detecting lateral movement can be a challenge, especially if they're using living-off-the-land techniques. Here's what you can do.
Tyson Supasatit
8.13.20
Building Blocks for Detection and Response: XDR vs. NDR Part 2
Learn about the challenges with extented detection and response by reading the second part this in-depth comparison of network detection and response (NDR) and extended detection and response (XDR).
Jesse Munos
8.7.20
SIGRed: What Is It, How Serious Is It, and How Should You Respond?
Learn about this critical vulnerability including how it works, how to detect it, and what remediation steps you can take.
Jesse Munos
8.7.20
Network Detection and Response (NDR) Vs. Extended Detection & Response (XDR)
Get some clarity on the alphabet soup of security vendor acronyms by reading this in-depth comparison of network detection and response (NDR) and extended detection and response (XDR).
Jesse Munos
7.28.20
Remote Work Isn't Going Away. Here's How to Secure WFH For The Long Haul
After the rapid shift to remote work, it's time to look toward maintaining the security of work-from-home infrastructures for the long haul. A recent SANS study and accompanying webinar discuss how.
Chase Snyder
