10.22.21
ExtraHop October TL;DR
Get up to date on some interesting stories and content you may have missed this month.
Paul Ditty
10.14.21
Detecting Attacks Using Microsoft Protocol Decryption
Microsoft Active Directory is a favorite target for attackers, and traditional threat detection techniques are falling short. Learn why and what you can do.
Jesse Munos
9.28.21
Detect Malware in Encrypted Traffic for Improved Security Visibility
Encryption gives attackers dark places to hide. Learn which common solutions for network visibility fall short, and which can accurately detect advanced threats.
Jesse Munos
9.24.21
ExtraHop September TL;DR
Get up to date on some interesting stories and content you may have missed this month.
Paul Ditty
9.13.21
Gartner on How to Respond to a Supply Chain Attack
A Gartner report makes the case for why staying on the defensive is the smartest business strategy to respond to supply chain attacks.
Kelsey Milligan
9.9.21
Slow EDR Rollout Needs a NG-IDS Compensating Control
We pitted Reveal(x) against signature-based IDS to see which technology had the most comprehensive detections against advanced threats. Spoiler alert: Reveal(x) won by leaps and bounds.
Don Shin
8.27.21
The Threat Inside Your Network
Financial services institutions are a common target of supply chain attacks. Learn how to prevent, detect, and respond to this persistent threat.
Tom Clavel
7.26.21
SANS on Defining and Measuring Cybersecurity Visibility
Visibility is necessary for security but the concept isn't exactly clear-cut. Hear from SANS on defining visibility to help you confidently identify blind spots, strengthen security, and measure success on this cybersecurity KPI.
Carol Caley
7.9.21
Three Common Advanced Threats and How to Stop Them
Advanced persistent threats, supply chain attacks, and zero days are becoming more prevalent. A new white paper explores each threat, how they overlap, and how to detect them before they cause damage.
Carol Caley
7.7.21
TCP Resets (RST): Attack or Defender Containment Method?
TCP reset attacks can take down internet connection, but TCP RST is also used by some security solutions to automate containment. Learn why it's (honestly) a weird approach to take.
Jamie Moles
7.1.21
Methods for Security Automation and Improving MTTR
Learn how automating asset containment can improve response times and strengthen security.
Jesse Munos
6.25.21
Top 3 Trends from the 2021 Verizon DBIR
The Verizon 2021 Data Breach Investigations Report (DBIR) provides insights into cybersecurity trends. Read our top takeaways, plus cyberdefense tips.
Chase Snyder
5.11.21
Adapt Your Defense Strategy to Stop Supply Chain Attacks
New SANS white paper explores how to build a comprehensive cyber defense plan to stop a supply chain attack and eliminate the attacker's advantage. Learn more.
Dale Norris
3.30.21
What is DCSync and How to Protect Against It
DCSync is an attack technique used to get user credentials. ExtraHop explains how it works and how to protect against DCSync.
Kirsten Gantenbein
3.24.21
The Ground Truth: Securing Remote Work with Collaborative NetSecOps in 2021 and Beyond
Distributed workforces aren't going anywhere. Learn about the challenges and opportunities in 2021 and beyond, and how NetOps and SecOps can be more successful when they work together.
Chase Snyder
3.23.21
Gartner Blog Includes Network Detection and Response as One of the Eight Controls to Thwart SUNBURST
In a recent blog post, Gartner lists network detection and response (NDR) as one of the controls necessary to thwart supply chain attacks. After SUNBURST, ExtraHop has evidence that NDR is an effective defense against sophisticated attacks.
Carol Caley
9.10.21
There's a Better Way to Monitor DNS
Well-known cyberattacks take advantage of DNS to evade common security tools. Learn how these attacks work, and how to monitor DNS traffic for threats.
Carol Caley
2.26.21
Talking to the Board About the New Realities of IT Security
Between the recent shifts in remote access and headlines filled with high-profile cyber attacks, getting board approval has some increasing challenges. Get tips for talking to the board of directors about security.
Sri Sundaralingam
1.1.21
LDAP Encryption: What You Need to Know in 2021
Get the skinny on LDAP encryption, including whether LDAP traffic is encrypted automatically and how you can best secure traffic using this protocol.
Carol Caley
8.24.21
Analyzing the SUNBURST SolarWinds Attack Campaign For Threat Intelligence
SolarWinds attack: ExtraHop is sharing 1700+ suspicious IP addresses (for threat hunters and data scientists) that were associated with the Sunburst backdoor attack.
Todd Kemmerling
