2.26.21
Talking to the Board About the New Realities of IT Security
Between the recent shifts in remote access and headlines filled with high-profile cyber attacks, getting board approval has some increasing challenges. Get tips for talking to the board of directors about security.
Sri Sundaralingam
12.19.20
How to Identify Malicious Network and Port Scanning
Network scanning and port scanning aren't inherently hostile, but they're often used maliciously. Learn to identify malicious network scanning and differentiate it from benign behavior.
Christine Shaw
12.18.20
Analyzing the SUNBURST SolarWinds Attack Campaign For Threat Intelligence
SolarWinds attack: ExtraHop is sharing 1700+ suspicious IP addresses (for threat hunters and data scientists) that were associated with the Sunburst backdoor attack.
Todd Kemmerling
12.14.20
How to Detect and Respond to the SUNBURST Attack
Sunburst attack 2020: Learn how to detect and respond to the Sunburst backdoor supply chain attack with ExtraHop's spectrum of detection approaches.
ExtraHop
11.13.20
How Ransomware Works and How to Prevent It
Ransomware can cause irreparable damage. Learn how it works and how to detect it to stop attacks.
Kirsten Gantenbein
11.5.20
What Is PsExec and How to Protect Against Lateral Movement
PsExec is a Windows Sysinternals utility that enables IT administrators to run commands and executable binary files on remote servers, but it can also be used for stealthy lateral movement.
Kirsten Gantenbein
10.21.20
The Network, Security, and Cloud Blame Game
NetOps, SecOps, and Cloud teams often operate in silos. Improving collaboration and communication can help these teams resolve incidents faster.
Karen Crowley
10.19.20
What is DNS Tunneling and How to Protect Against It
Learn how DNS tunneling attacks work and what you can do to protect against them. Examples included!
Kirsten Gantenbein
10.14.20
Security Alert: 'Bad Neighbor' Vulnerability Affects Windows 10 Systems
The Windows 10 vulnerabilities unveiled by Microsoft on October 13 include a remote DoS (CVE-2020-16899) and a remote code execution flaw (CVE-2020-16898) dubbed 'Bad Neighbor'. Get the rundown on potential exploits and what you should do.
Jeff Costlow
10.13.20
SQL Injection Attacks: What Are They and How to Detect Them (with Examples!)
Learn how SQL injection attacks work and what you can do to protect against them. Examples included!
Kirsten Gantenbein
9.17.20
Professional Services Customer Success Stories: Scaling Digital Experiences During COVID-19
Learn how ExtraHop Professional Services helped one company secure a massive increase in personal teller machine use in lieu of in-person interactions.
Michael McPherson
9.16.20
Security Alert: Detecting CVE-2020-1472 Zerologon Exploitation with NDR
The recent Zerologon vulnerability (CVE-2020-1472) could allow attackers to get control of a Windows domain without any user credentials. Learn how it works and how to protect against exploits.
Jeff Costlow
9.11.20
Alerts That Matter: Knowing When (and How) to Take Decisive Action
Sophisticated cyberattacks go undetected for weeks or months, and when discovered, security analysts struggle to contain the compromise and assess its scope. Most detection tools are able to create incident tickets, but noisy detections quickly become "ticket spam" and contribute to the security analyst's challenge of rising above the noise.
Jesse Munos
9.4.20
How to Respond to Incidents Quickly Despite Intentionally Confusing False Flags
False flags are deliberately planted details meant to distract or mislead investigators. Learn what to look out for and how to get more context.
Chase Snyder
7.24.20
Ripple20: Finding Vulnerable Devices and Detecting Attacks
The Ripple20 group of vulnerabilities affects hundreds of millions of devices across many industries. Learn how to identify devices using the vulnerable Treck software and detect Ripple20 exploits.
Jeff Costlow
7.7.20
Easy Multi-Factor Authentication: JumpCloud SSO With SAML
Learn how you can leverage JumpCloud SSO with SAML for an uncomplicated approach to multi-factor authentication that works in environments without an existing identity provider.
Thomas Smith
5.5.20
TCP Windowing: What Is It, Scaling, and Tips
Learn about TCP windowing covering perspectives of a server as the receiver and a client as the sender.
Christine Shaw
5.2.20
The OSI Model Explained - 2020 Update
Learn about the OSI Model - explained layer-by-layer in language you can understand. Recently updated!
Dale Norris
3.2.20
Watch Out for These Creative Streaming Methods
ExtraHop doesn't just detect active threats... Prep for March Madness with our favorite examples of video streaming in the workplace.
Rachel Pepple
2.18.20
Top 3 Considerations for Enterprise IoT Security
IoT discovery, behavioral profiling, and advanced threat detection and response are critical for enterprise IoT security. Learn how ExtraHop Reveal(x) secures IoT.
Tom Stitt
