Automate Detection and Detect Early with Leading Indicators
The ultimate goal of any security monitoring program or Security Operations Center (SOC) team is to automate threat detection, to detect earlier in the attack lifecycle, and to stop threat actors from achieving their objectives of disrupting the business or stealing its IP or money. “Automating Threat Detection” sounds simple enough, but how...
Black Hat Asia NOC: Malware visibility
By Chris Thomas and Mike Sconzo
In the Black Hat Asia NOC we worked to ensure the wireless network was available for presenters and attendees. As part of our monitoring, we kept an eye open for any malware present on the network. RSA NetWitness® Suite’s Malware Detection capabilities look for network sessions containing file-types typically...
Tales From The Black Hat NOC: Chaos So Organized, Even a T-Rex Can Do It
By Wednesday morning, the traffic profile switched from compartmentalized, per-classroom monitoring, to a chaotic sea of conference wireless...
Threat Intelligence Sharing: Customized Solutions to Challenges
Threat intelligence sharing is a hot and sometimes contentious topic. While its necessity and justifications are generally known, there are legitimate reasons why sharing information on a large scale has been met with resistance.
The Argument for Sharing
When sharing intelligence, it is important to establish from the outset that combining best practices for...
5 Must-Read Articles on Advanced Detection and Incident Response Speed
In his 2016 RSA Conference keynote, RSA President Amit Yoran explained that modern security is moving away from the traditional focus on prevention toward a mindset that includes monitoring and response as key security components. In particular, Yoran stressed that accelerating incident response speed is crucial for overcoming current known security threats and...
Multi-layered Analysis of a Threat Pattern
If you do not fully know the asset, how can you protect it? This is the first challenge security practitioners face during any activity, whether it is a penetration test, code review, risk assessment, or design of a threat pattern. In a previous post, author Davide Veneziano provided an overview of the building blocks required to design a consistent...
Engineering The Design Of A Threat Pattern
In our journey of developing and maintaining threat patterns, we have now arrived at a critical phase: the design. While the need for an implementation phase is immediate, as is the evaluation of the background analysis in order to build something meaningful (as explained by my colleague, Demetrio Milea), the intermediate design phase is the...
Context in Risk-Based Threat Patterns
Risks come from various sources that are not always possible to identify and subsequently prevent and mitigate in advance. With the growth in cloud, social, mobile and “bring your own device” computing, the size of the attack surface is greater than ever. Many attack scenarios are possible mainly due to the complexity of the network’s topology and...
Hypothesis in Threat Hunting
Today’s threat landscape requires organizations to operate more proactively to keep up with advanced and persistent threats. There is no doubt that the practice of threat hunting has emerged as a key capability to detect stealthy threat actors trying to gain access to the organizational IT infrastructure by evading traditional security measures. Hunting aims to...
Identifying Fraud Faster with Intelligence Feeds - Web Threat Detection v6
Online fraud remains as much a part of digital life as URLs. Fraudsters are constantly devising new ways to separate consumers from their money, login credentials, Personally Identifiable Information (PII), healthcare data and anything else that can be monetized. Even more, they are doing it with speed and sophistication, but most damaging, they do it...