Just as animals use their senses to detect danger, cybersecurity depends on sensors to identify signals in the computing environment that may signal danger. The more highly tuned, diverse and coordinated the senses, the more likely one is to detect important signals that indicate danger. This, however, can be a double-edged sword. Too many signals with too little advanced … [Read more...] about Cyber Threat Protection — It All Starts with Visibility
Threat
Securing Multicloud Environments with Cisco Secure Firewall Threat Defense on Alkira Cloud
In today’s security climate, NetOps and SecOps teams are witnessing increased attack surface area as applications and workloads move far beyond the boundaries of their data center. These applications/workloads move to, and reside in, multicloud architecture, adding complexity to connectivity, visibility, and control. In the multicloud world, the SecOps teams use a distributed … [Read more...] about Securing Multicloud Environments with Cisco Secure Firewall Threat Defense on Alkira Cloud
Extend Threat Visibility With Humio’s Integration With CrowdStrike’s Indicators of Compromise (IOCs)
This blog was originally published Oct. 1, 2021 on humio.com. Humio is a CrowdStrike Company. What is an indicator of compromise (IOC)? An indicator of compromise (IOC) is a piece of digital forensics that suggests that an endpoint or network may have been breached. The ability to monitor for indicators of compromise is critical to a comprehensive cybersecurity strategy, … [Read more...] about Extend Threat Visibility With Humio’s Integration With CrowdStrike’s Indicators of Compromise (IOCs)
How CrowdStrike Supercharges IR with Identity Threat Detection
CrowdStrike Incident Response teams leverage Falcon Identity Threat Detection (ITD) for Microsoft Active Directory (AD) and Azure AD account authentication visibility, credential hygiene and multifactor authentication implementation Falcon ITD is integrated into the CrowdStrike Falcon® platform and provides alerts, dashboards and custom templates to identify compromised … [Read more...] about How CrowdStrike Supercharges IR with Identity Threat Detection
Threat Trends: Firewall – Cisco Blogs
These days, protecting the network perimeter is a foregone conclusion. However, there is no longer a monolithic perimeter—there are often multiple perimeters to protect. Unauthorized attempts to cross perimeters are frequent, and the need to defend against threats is critical to protect your assets. In any perimeter defense a key component is firewalls—the proverbial guard … [Read more...] about Threat Trends: Firewall – Cisco Blogs
A Peek Inside the 2021 Threat Hunting Report
This time last year, the CrowdStrike Falcon OverWatch™ reported on mounting cyber threats facing organizations as they raced to adopt work-from-home practices and adapt to constraints imposed by the rapidly escalating COVID-19 crisis. Unfortunately, the 12 months that followed have offered little in the way of reprieve for defenders. The past year has been marked by some of the … [Read more...] about A Peek Inside the 2021 Threat Hunting Report
Threat Protection: The REvil Ransomware
The REvil ransomware family has been in the news due to its involvement in high-profile incidents, such as the JBS cyberattack and the Kaseya supply chain attack. Yet this threat carries a much more storied history, with varying functionality from one campaign to the next. The threat actors behind REvil attacks operate under a ransomware-as-a-service model. In this type of … [Read more...] about Threat Protection: The REvil Ransomware
Threat Intelligence in SecureX: Fast, Free, or Easy (pick any three)
SecureX is Cisco’s free, acronym-defying security platform. (“Is it XDR? Is it SOAR? Does it solve the same problems as a SIEM? As a TIP?” “Yes.”) From the very beginning, one of the pillars of SecureX was the ability to consume and operationalize your local security context alongside global threat intelligence. And to that end, SecureX includes, by default, a few very … [Read more...] about Threat Intelligence in SecureX: Fast, Free, or Easy (pick any three)
Secure and Save with Cisco Secure Firewall Threat Defense Virtual
Simultaneously secure and save with new 7.0 features and subscription models Organizations rely on Cisco Secure Firewall Threat Defense Virtual (formerly FTDv/NGFWv), Cisco’s proven network firewall with IPS, URL filtering, and malware defense that protects virtualized environments in private and public clouds. In addition to the improved IPS performance with Snort 3 and the … [Read more...] about Secure and Save with Cisco Secure Firewall Threat Defense Virtual
SecureX threat response Turnkey Integrations
SecureX turns one year old next month. It has been quite a journey from the first announcement at RSA Conference 2020, when there was one 3rd party integration (VirusTotal), to the release of SecureX the summer of 2020 with a large ecosystem. When SecureX was launched, we had several turnkey partner integrations into SecureX, like the Splunk add-on and QRadar extension. … [Read more...] about SecureX threat response Turnkey Integrations