Threat detection and response

Just as malicious actors' threats and attack techniques evolve, so too must enterprise threat detection and response tools and procedures. From real-time monitoring and network forensics to IDS/IPS, NDR and XDR, SIEM and SOAR, read up on detection and response tools, systems and services.

Top Stories

Podcast 20 Nov 2024
Risk & Repeat: China hacks major telecom companies

The FBI and CISA confirmed reports that Salt Typhoon breached several major telecom companies and accessed data related to law enforcement requests. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 20 Nov 2024
Apple warns 2 macOS zero-day vulnerabilities under attack

The macOS Sequoia vulnerabilities are the latest to be targeted and exploited by threat actors as cybersecurity vendors report a shift in the landscape. Continue Reading
By
- Arielle Waldman, News Writer

News 03 Mar 2022
Intel touts security improvements in 12th-gen Core CPUs

Intel is courting enterprises with a new line of Core vPro CPUs that boast improved security protections ranging from firmware and OS to memory. Continue Reading
By
- Shaun Nichols
News 02 Mar 2022
CrowdStrike cracks PartyTicket ransomware targeting Ukraine

CrowdStrike's analysis of the new ransomware, also known as HermeticRansom, that affected Ukrainian organizations revealed that files encrypted with PartyTicket are recoverable. Continue Reading
By
- Arielle Waldman, News Writer
News 01 Mar 2022
Nvidia confirms breach, proprietary data leaked online

Nvidia has confirmed some of the claims from a little-known ransomware gang that allegedly broke into the network of the GPU giant and stole corporate data. Continue Reading
By
- Shaun Nichols
News 01 Mar 2022
HermeticWiper poses increasing cyber risk to Ukraine

While it has not been attributed to a specific threat group, ESET researchers observed another data-wiping malware that targeted a Ukrainian organization and warned it could extend to allies. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Feb 2022
Recorded Future: Russia may retaliate with cyber attacks

Recorded Future warned U.S. and European organizations could be hit by 'spillover attacks' or intentional retaliatory strikes from Russia following its invasion of Ukraine. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Feb 2022
Researchers find access brokers focused on US targets

Security vendors studied 'access broker' advertisements on the dark web, which provide ransomware groups with the network and system access required for data thefts. Continue Reading
By
- Shaun Nichols
News 25 Feb 2022
SentinelOne reboots Scalyr as enterprise data platform

The cybersecurity vendor launches DataSet as a separate technology service from its core cybersecurity platform to help organizations manage and query large volumes of data. Continue Reading
By
- Sean Michael Kerner
News 23 Feb 2022
US, UK attribute Cyclops Blink to Sandworm

The group known for its use of VPNFilter malware has retooled with what is being tracked as Cyclops Blink, but its impact appears limited to WatchGuard business customers for now. Continue Reading
By
- Arielle Waldman, News Writer
News 23 Feb 2022
Dragos: Ransomware topped ICS and OT threats in 2021

Whether ICS and OT networks were intentionally targeted or not, ransomware was found to be the No. 1 compromise to industrial organizations last year. Continue Reading
By
- Arielle Waldman, News Writer
News 16 Feb 2022
Kronos attack fallout continues with data breach disclosures

Employees at both public and private sector organizations had their data compromised during a December ransomware attack on Kronos that also took down payroll systems. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 16 Feb 2022
Apache Cassandra vulnerability puts servers at risk

Certain non-default configurations of the Apache Cassandra database software could leave the door open for remote code execution attacks, according to JFrog researchers. Continue Reading
By
- Shaun Nichols
News 15 Feb 2022
Sophos discovers new attack targeting Exchange Servers

A new type of attack that utilizes the Squirrelwaffle malware and business email compromise may be an issue for organizations that have not patched their Exchange servers. Continue Reading
By
- Arielle Waldman, News Writer
News 15 Feb 2022
CrowdStrike: Attackers are moving faster, harder to detect

The CrowdStrike '2022 Global Threat Report' said attackers are getting better at exploiting vulnerabilities and moving through compromised networks before defenders can spot them. Continue Reading
By
- Shaun Nichols
News 15 Feb 2022
Ransomware tied to attacks on critical infrastructure last year

While recent law enforcement action may be altering the ransomware landscape, BlackBerry researchers observed high-profile attacks on critical infrastructure last year. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Feb 2022
CISA says 'Shields Up' as Russia-Ukraine tensions escalate

CISA said in its advisory that 'there are not currently any specific credible threats to the U.S. homeland,' but cited past Russian cyber attacks against Ukraine and others. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Feb 2022
Fallout from REvil arrests shakes up ransomware landscape

Russian authorities recently announced more than a dozen arrests of alleged REvil members, heightening concern among ransomware affiliates on the dark web. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Feb 2022
Ransomware groups shift from big game hunting

A joint cybersecurity advisory documented top ransomware trends for 2021 and addressed ways for organizations to improve security. Continue Reading
By
- Arielle Waldman, News Writer
News 08 Feb 2022
Russia continues cybercrime offensive with SkyFraud takedown

Officials in Russia have knocked the SkyFraud credit card fraud operation offline in the latest of a string of police actions against cybercriminals in the region. Continue Reading
By
- Shaun Nichols
News 08 Feb 2022
DOJ recovers $3.6B from 2016 Bitfinex hack

A couple was arrested Tuesday morning after the DOJ traced 120,000 bitcoin to a digital wallet containing funds stolen during the 2016 hack of cryptocurrency platform Bitfinex. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
News 08 Feb 2022
IBM upgrades FlashSystem to tackle ransomware

Addressing the continuing onslaught of cyber attacks, IBM has delivered an offering that combines its FlashSystem and Cyber Vault products for fast recovery. Continue Reading
By
- Adam Armstrong, News Writer
- Ed Scannell, Senior Executive Editor
News 03 Feb 2022
DHS forms first-ever Cyber Safety Review Board

The new initiative is one in a string of many by the Biden administration to push public and private collaboration in addressing cyber threats such as Log4j vulnerabilities. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 03 Feb 2022
The importance of a policy-driven threat modeling approach

An expanding threat landscape, combined with increasing cloud use and a cybersecurity skill shortage, is driving the need for a policy-driven threat modeling approach. Continue Reading
By
- Altaz Valani
News 03 Feb 2022
Distrust, feuds building among ransomware groups

In an industry that operates in anonymity, trust is everything -- but recent accusations of ransomware actors working with or being law enforcement is threatening that work model. Continue Reading
By
- Arielle Waldman, News Writer
Feature 02 Feb 2022
A day in the life of a cybersecurity manager

The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule. Continue Reading
By
- Isabella Harford, TechTarget
- O'Reilly Media
Feature 02 Feb 2022
Top cybersecurity leadership challenges and how to solve them

Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda. Continue Reading
By
- Isabella Harford, TechTarget
Feature 02 Feb 2022
What's the status of AI in networking?

The use cases for AI are expanding, but despite the advantages, network pros have yet to implement AI fully. Three analysts explain the status of AI in enterprise networks. Continue Reading
By
- Deanna Darah, Site Editor
News 02 Feb 2022
More than 1,000 malware packages found in NPM repository

Researchers with WhiteSource were able to find some 1,300 examples of malware hiding under the guise of legitimate JavaScript packages on the NPM repository. Continue Reading
By
- Shaun Nichols
News 01 Feb 2022
Iranian hacking groups pick up the pace with new attacks

Two security vendors are reporting a fresh wave of targeted attacks and malware outbreaks believed to be the work of Iranian state-sponsored threat groups. Continue Reading
By
- Shaun Nichols
News 01 Feb 2022
Ransomware attacks continue to plague public services

Ransomware this year has picked up right where 2021 left off, with several local governments, schools and health services across the U.S. suffering attacks. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
Feature 31 Jan 2022
Include defensive security in your cybersecurity strategy

Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 28 Jan 2022
Nmap use cases, tools and product comparisons

Nmap is historically known for port scanning, but thanks to several subprojects, its use cases have expanded. Learn how Nmap is used, along with other comparable tools. Continue Reading
By
- Sharon Shea, Executive Editor
News 27 Jan 2022
SolarWinds hackers still active, using new techniques

CrowdStrike has tracked the latest threat activity and novel techniques from the SolarWinds hackers, a Russian state-sponsored group known as Cozy Bear. Continue Reading
By
- Arielle Waldman, News Writer
Feature 27 Jan 2022
How to use Nmap to scan specific ports

One of Nmap's primary functions is conducting port scans. In this walkthrough, learn how to launch a default scan, along with other options that affect Nmap port scan behavior. Continue Reading
By
- Sharon Shea, Executive Editor
- Packt Publishing
Guest Post 27 Jan 2022
How AI can help security teams detect threats

AI and machine learning are reshaping modern threat detection. Learn how they help security teams efficiently and accurately detect malicious actors. Continue Reading
By
- Rohit Dhamankar
News 26 Jan 2022
New vulnerability rating framework aims to fill in CVSS gaps

The CVSS vulnerability scale doesn't always give a clear picture of the risk of a vulnerability, but experts hope the emerging standard called EPSS will provide more clarity. Continue Reading
By
- Shaun Nichols
News 25 Jan 2022
Sophos: Log4Shell impact limited, threat remains

Sophos threat researcher Chet Wisniewski detailed the unexpectedly limited impact Log4Shell had on organizations but warned of future exploitation and risks. Continue Reading
By
- Arielle Waldman, News Writer
News 25 Jan 2022
Bernalillo County ransomware attack still felt weeks later

A ransomware attack in early January disrupted government systems in New Mexico's largest county, which stalled operations at county offices and the county detention center. Continue Reading
By
- Peyton Doyle, News Editorial Assistant
Feature 24 Jan 2022
Enterprises reluctant to report cyber attacks to authorities

Despite some successful law enforcement operations, including the seizure of a ransom payment, infosec experts say many enterprises are still unlikely to report cyber attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Jan 2022
Crypto.com confirms $35M lost in cyber attack

The cryptocurrency exchange had claimed no customer funds were lost in the recent cyber attack, but now admits 4,836.26 ETH and 443.93 bitcoin was stolen. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Jan 2022
Cisco: Patching bugs is about more than CVSS numbers

Cisco's Kenna Security advised enterprises to consider more than just CVSS scores and update advisories when deciding when and how to address security vulnerabilities. Continue Reading
By
- Shaun Nichols
News 19 Jan 2022
FireEye, McAfee Enterprise relaunch as XDR-focused Trellix

Though the new company is a combination of two high-profile security vendors, private equity firm STG relaunched the merger under an entirely different name. Continue Reading
By
- Arielle Waldman, News Writer
News 18 Jan 2022
Cryptocurrency exchange Crypto.com hit by cyber attack

The cryptocurrency exchange said it detected unauthorized activity on some user accounts over the weekend, but questions remain on the severity of the attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 18 Jan 2022
Ukraine hit with destructive malware attacks amidst turmoil

A new type of destructive malware was discovered by Microsoft after public and private organizations in Ukraine endured a series of cyber attacks as tensions with Russia grow. Continue Reading
By
- Shaun Nichols
News 12 Jan 2022
New RAT campaign abusing AWS, Azure cloud services

Cisco Talos discovered threat actors taking advantage of public cloud services to spread remote administration tools such as NanoCore, NetWire and AsyncRAT. Continue Reading
By
- Shaun Nichols
News 06 Jan 2022
New Zloader attacks thwarting Microsoft signature checks

Check Point Software Technologies found a long-known trick of injecting code into valid file signatures remains effective for spreading malware such as Zloader. Continue Reading
By
- Shaun Nichols
News 05 Jan 2022
MicroStrategy enhances security, embedded analytics features

The vendor recently upgraded its products to the latest version of Log4j's software while also adding a new viewing experience and embedded BI capabilities to its platform. Continue Reading
By
- Eric Avidon, Senior News Writer
Feature 04 Jan 2022
Is quantum computing ready to disrupt cybersecurity?

Quantum computing isn't here yet, but now is the time for companies to start considering how it may affect their business -- both negatively and positively -- in the next decade. Continue Reading
By
- Kyle Johnson, Technology Editor
News 30 Dec 2021
Threat actors target HPE iLO hardware with rootkit attack

Integrated Lights Out, HPE's remote server management platform, has been compromised by intruders who are using it to install a hard-to-detect rootkit in the wild. Continue Reading
By
- Shaun Nichols
News 20 Dec 2021
5 Russians charged in hacking, illegal trading scheme

A group of hackers based in Russia and tied to the GRU stand accused of breaking into companies and using confidential data to profit from illegal stock trades. Continue Reading
By
- Shaun Nichols
Podcast 17 Dec 2021
Risk & Repeat: Log4Shell shakes infosec industry

This Risk & Repeat podcast episode looks at the latest developments with Log4Shell and the efforts to mitigate the critical remote code executive vulnerability. Continue Reading
By
- Rob Wright, Senior News Director
Definition 16 Dec 2021
stealth virus

A stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software. Continue Reading
By
- Rahul Awati
Tip 15 Dec 2021
Where do PSIM systems fit into disaster recovery?

Organizations that use multiple security platforms can look to PSIM systems to be better prepared for an incident. Read on for more about how they work. Continue Reading
By
- John Edwards
News 15 Dec 2021
Log4j gets a second update as security woes pile up

Administrators who were already scrambling to patch up the Log4Shell flaw are now being advised to update to Log4j version 2.16.0 following the discovery of issues in 2.15.0. Continue Reading
By
- Shaun Nichols
News 15 Dec 2021
'Insane' spread of Log4j exploits won't abate anytime soon

Experts say that the explosion in exploits for CVE-2021-44228 is only the early phase of what will be a long and tedious road to remediation for the critical vulnerability. Continue Reading
By
- Shaun Nichols
Definition 15 Dec 2021
spam filter

A spam filter is a program used to detect unsolicited, unwanted and virus-infected emails and prevent those messages from getting to a user's inbox. Continue Reading
By
- Andrew Zola
Definition 14 Dec 2021
What is a micro VM (micro virtual machine)?

A micro VM (micro virtual machine) is a virtual machine program that serves to isolate an untrusted computing operation from a computer's host operating system. Continue Reading
By
- Stephen J. Bigelow, Senior Technology Editor
- Sharon Shea, Executive Editor
News 13 Dec 2021
Fixes for Log4j flaw arise as attacks soar

Exploits against the Log4j security vulnerability are already commonplace just days after its disclosure, but some vendors are already offering mitigations and detection tools. Continue Reading
By
- Shaun Nichols
News 10 Dec 2021
Dark web posts shed light on Panasonic breach

A network breach at Japanese electronics giant Panasonic was possibly set up as far back as January, according to researchers who were monitoring dark web forums. Continue Reading
By
- Shaun Nichols
News 09 Dec 2021
Rubrik's ransomware tools put detection in line with protection

To better protect against ransomware, Rubrik has expanded the capabilities of its core platform and added new features including cyber threat hunting and Rubrik Cloud Vault. Continue Reading
By
- Adam Armstrong, News Writer
News 07 Dec 2021
USB-over-Ethernet bugs put cloud services at risk

SentinelOne says vulnerabilities in the Eltima SDK, which connects USB devices on virtual workstations, can put enterprises at risk of privilege escalation attacks. Continue Reading
By
- Shaun Nichols
Guest Post 07 Dec 2021
Why image-based phishing emails are difficult to detect

Image-based phishing emails are becoming increasingly popular with attackers. Learn how these hard-to-detect scams bypass email filters to infiltrate victims' systems. Continue Reading
By
- Sébastien Goutal
News 06 Dec 2021
One year later, SolarWinds hackers targeting cloud providers

The hacking crew accused of breaking into SolarWinds a year ago is back at it and is trying to get to their targets through attacks on the networks of cloud computing providers. Continue Reading
By
- Shaun Nichols
Tip 06 Dec 2021
How to get started with attack surface reduction

Attack surface reduction and management are vital to any security team's toolbox. Learn what ASR is and how it complements existing vulnerability management products. Continue Reading
By
- Diana Kelley, SecurityCurve
News 03 Dec 2021
Hundreds of new vulnerabilities found in SOHO routers

Researchers credited vendors for their swift response to reports of widespread security vulnerabilities but warned users to make sure firmware is updated to avoid attacks. Continue Reading
By
- Shaun Nichols
News 02 Dec 2021
Former Ubiquiti engineer arrested for inside threat attack

Nickolas Sharp is accused of attacking his former employer, stealing confidential data and attempting to extort the company into paying him approximately $2 million. Continue Reading
By
- Arielle Waldman, News Writer
News 01 Dec 2021
CISA taps CrowdStrike for endpoint security

The U.S. government's cybersecurity authority will be watched over by security vendor CrowdStrike as part of the larger government IT security overhaul. Continue Reading
By
- Shaun Nichols
News 29 Nov 2021
Hack 'Sabbath': Elusive new ransomware detected

A newly uncovered ransomware operation, dubbed UNC2190 or "Sabbath," has roots in a previous ransomware group but has so far been able to operate mostly undetected. Continue Reading
By
- Shaun Nichols
Feature 29 Nov 2021
Elastic Stack Security tutorial: How to create detection rules

This excerpt from 'Threat Hunting with Elastic Stack' provides step-by-step instructions to create detection rules and monitor network security events data. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
Feature 29 Nov 2021
Elastic Security app enables affordable threat hunting

New to threat hunting in cybersecurity? Consider using the open code Elastic Stack suite to gather security event data and create visualizations for decision-makers. Continue Reading
By
- Kyle Johnson, Technology Editor
News 23 Nov 2021
Apple files lawsuit against spyware vendor NSO Group

Apple sued the Israeli technology vendor, whose Pegasus spyware has been implicated in several malicious attacks on journalists, activists and government officials. Continue Reading
By
- Arielle Waldman, News Writer
News 22 Nov 2021
GoDaddy discloses breach of 1.2M customer account details

Web hosting provider GoDaddy said an attacker broke into its Managed WordPress service and accessed the account details and SSL keys of 1.2 million customers. Continue Reading
By
- Shaun Nichols
News 19 Nov 2021
How enterprises need to prepare for 'cyberwar' conflicts

Infosec expert Tarah Wheeler said increasing international conflicts are posing new compliance and regulatory standards, but adapting the changes may be difficult for enterprises. Continue Reading
By
- Arielle Waldman, News Writer
News 18 Nov 2021
CISA, Microsoft warn of rise in cyber attacks from Iran

CISA and Microsoft this week issued alerts about increased threat activity Iranian nation-state hacking groups, including ransomware attacks on enterprises. Continue Reading
By
- Shaun Nichols
News 18 Nov 2021
New side channel attack resurrects DNS poisoning threat

A new side channel attack would potentially allow attackers to poison DNS servers and reroute traffic to malicious sites. Continue Reading
By
- Shaun Nichols
Podcast 17 Nov 2021
Risk & Repeat: Are ransomware busts having an effect?

International law enforcement agencies this year have stepped up efforts to address the ransomware threat with arrests, indictments and multimillion-dollar rewards. Continue Reading
By
- Rob Wright, Senior News Director
News 15 Nov 2021
FBI email system compromised to issue fake alerts

An unknown threat actor sent emails warning of a supply chain attack through an FBI portal used by law enforcement agencies to communicate with one another. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Nov 2021
Citrix DDOS bug leaves networks vulnerable

Citrix patched a critical bug in its Application Delivery Controller and Gateway software that left networks open to DDOS attacks. It also fixed a less-severe SD-WAN WANOP bug. Continue Reading
By
- Madelaine Millar, TechTarget
News 11 Nov 2021
'King of Fraud' sentenced for Methbot botnet operation

Aleksandr Zhukov was sentenced to 10 years in prison for the theft of $7 million in a massive digital advertising fraud operation using his 'Methbot' botnet. Continue Reading
By
- Alexander Culafi, Senior News Writer
Guest Post 10 Nov 2021
4 concepts that help balance business and security goals

The goal of enterprise security is to maintain connectivity, while remaining protected. Use these four concepts to balance business and security goals. Continue Reading
By
- Mark Pierpoint
News 09 Nov 2021
Medical devices at risk from Siemens Nucleus vulnerabilities

Thirteen bugs, including a critical security flaw, have been patched in the Siemens Nucleus TCP/IP stack, a vital component for millions of connected medical devices. Continue Reading
By
- Shaun Nichols
Guest Post 21 Sep 2021
3 components to consider when selecting an MDR service

In the market for an MDR service? Read up on three considerations to keep in mind and questions to ask potential providers before making a decision. Continue Reading
By
- Daniel Clayton
News 08 Sep 2021
Microsoft zero-day flaw exploited in the wild

Microsoft and the Cybersecurity and Infrastructure Security Agency have issued advisories warning users to mitigate against a zero-day flaw, as no patch has been released. Continue Reading
By
- Arielle Waldman, News Writer
Guest Post 02 Aug 2021
Network security in the return-to-work era

IT teams are dealing with the challenge of reconnecting devices to office networks as employees return to work. Here's how your organization can overcome that challenge. Continue Reading
By
- Jonathan Meyers
Definition 12 Apr 2021
What is endpoint detection and response (EDR)?

Endpoint detection and response (EDR) is a system to gather and analyze security threat-related information from computer workstations and other endpoints, with the goal of finding security breaches as they happen and facilitating a quick response to discovered or potential threats. Continue Reading
By
- Gavin Wright
- Alexander S. Gillis, Technical Writer and Editor
Report 01 Apr 2021
Ultimate guide to cybersecurity incident response

Learn actionable incident response strategies that your IT and enterprise security teams can use to meet today's security threats and vulnerabilities more effectively. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
News 11 Mar 2021
Cisco found cryptomining activity within 69% of customers

Cisco found cryptomining malware affected a vast majority of customers in 2020, generating massive amounts of malicious DNS traffic while sucking up precious computing resources. Continue Reading
By
- Arielle Waldman, News Writer
Feature 04 Mar 2021
How to become a threat hunter

Top threat hunters are creative and slightly contrarian, enabling them to think outside the box -- much like the best cybercriminals, according to one expert. Continue Reading
By
- Alissa Irei, Senior Site Editor
Definition 24 Feb 2021
honeypot (computing)

A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems. Continue Reading
By
- Ben Lutkevich, Site Editor
- Casey Clark, TechTarget
- Michael Cobb
Tip 23 Feb 2021
How to achieve security observability in complex environments

Security observability is a novel approach to incident detection that goes beyond traditional monitoring. Read on to learn if this emerging strategy is right for your enterprise. Continue Reading
By
- Michael Cobb
Tip 08 Dec 2020
Pros and cons of an outsourced SOC vs. in-house SOC

Security operations centers have become an essential element of threat detection. Here's how to decide whether to build one in-house or outsource SOC capabilities. Continue Reading
By
- Peter Sullivan
Tip 03 Dec 2020
8 challenges every security operations center faces

Staffing shortages, budget allocation issues, and inadequate analytics and filtering are among the challenges organizations will face as they implement a security operations center. Continue Reading
By
- John Burke, Nemertes Research
Feature 27 Oct 2020
Zero-trust network policies should reflect varied threats

Role-based access systems create enormous pools of responsibility for administrators. Explore how to eliminate these insecure pools of trust with zero-trust network policies. Continue Reading
By
- Katie Donegan, Social Media Manager
- O'Reilly Media
Tip 29 Jul 2020
As network security analysis proves invaluable, NDR market shifts

IT infrastructure threat detection and response have emerged as critical elements of enterprise cybersecurity as network security analysis proves invaluable to protecting data. Continue Reading
By
- Andrew Froehlich, West Gate Networks
Quiz 28 Jul 2020
IDS/IPS quiz: Intrusion detection and prevention systems

Want a baseline of your intrusion detection and prevention system knowledge? Test your insights with this IDS/IPS quiz. Continue Reading
By
- Sharon Shea, Executive Editor
News 24 Mar 2020
Cisco security GM discusses plan for infosec domination

At RSA Conference 2020, Gee Rittenhouse, senior vice president and general manager of Cisco's security group, talks about the company's strategy to reshape the infosec industry. Continue Reading
By
- Rob Wright, Senior News Director
News 06 Feb 2020
Forescout acquired by private equity firm for $1.9 billion

Network security vendor Forescout Technologies was acquired for $1.9 billion by Advent International, a private equity firm looking to increase its cybersecurity investments. Continue Reading
By
- Arielle Waldman, News Writer
Answer 10 Dec 2019
How to prevent port scan attacks

The popular port scan is a hacking tool that enables attackers to gather information about how corporate networks operate. Learn how to detect and prevent port scanning attacks. Continue Reading
By
- Michael Cobb
Tip 18 Nov 2019
Use network traffic analysis to detect next-gen threats

Network traffic analysis, network detection and response -- whichever term you prefer, the technology is critical to detecting new breeds of low-and-slow threats. Continue Reading
By
- Kevin Tolly, The Tolly Group
News 01 Oct 2019
Sophos launches Managed Threat Response service

The new offering is built on Sophos' endpoint security platform Intercept X Advanced, with capabilities supported by the company's recent acquisition of Rook Security and DarkBytes. Continue Reading
By
- Ha Ta
News 05 Sep 2019
Awake Security adds adversarial model to security platform

The new feature is meant to enable companies to identify attackers faster. Other updates to the security system include extending cloud capabilities to Amazon Web Services. Continue Reading
By
- Tanner Harding