Protection before Detection – Endpoint detection response
Read More: Protection before Detection – Endpoint detection responseProtection before Detection – Endpoint detection response Endpoint Detection and response gets a lot of attention from the entire cyber security industry, EDR as it is commonly known is a valuable tool in a corporate kitbag, but is Endpoint and response something that should be acquired first, second or where? If we review the Australian…
An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors
Read More: An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack VectorsAn Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors. Recently I wrote about EDR failure to detect and respond to cases of Advanced Persistent Threats here after discovering a research paper on the topic when researching the use of Machine Learning in cyber security Detection and response solutions such…
Microsoft Defender Endpoint Deployments
Read More: Microsoft Defender Endpoint DeploymentsRecently I have been deploying Microsoft Defender for Endpoints into my lab environment as a part of my job function. I am responsible for aiding resellers and Managed Service Providers (MSP) to implement Microsoft Security solutions for their business customers. Personally I have been working with tech for many years but almost always using Microsoft…
WAZUH Open source security platform
Read More: WAZUH Open source security platformWAZUH Open source security platform is a fork of OSSEC, it has been around since 2015 as a product and is growing in adoption. What is Wazuh Wazuh is an eXtended Detection and response platform that does not claim any level of either: Artificial Intelligence Machine Learning or, that it is easy These are the…
Endpoint Detection Response Assessment = Fail
Read More: Endpoint Detection Response Assessment = FailEndpoint Detection Response Assessment = Failure of virtually all current leading Endpoint detection and response solutions to detect a range of ‘known’ attack methods. Throughout this work, we went through a series of attack vectors used by advanced threat actors to infiltrate organizations. Using them, we evaluated state-of-the-art EDR solutions to assess their reactions, as…
EDR, XDR – NDR
Read More: EDR, XDR – NDRWith the uptake of Cyber Security solutions by clients globally it was only a matter of time for EDR tools to be mainstream for customers as it is today in 2022. NDR is also starting to make progress towards mainstream adoption in 2021 as detailed in the below image.
Zero Trust vendor architecture: Ethical, or not ethical?
Read More: Zero Trust vendor architecture: Ethical, or not ethical?A vulnerability is disclosed in Palo Alto VPN hardware/software, the company who discovered this: Randori may not have disclosed this to the vendor in a timely fashion. The premise that is suggested for this, is that as Randori are a Red Teaming company they used this Vulnerability to infiltrate their clients who used Palo Alto…
No business too small to be a target for Cyber crime
Read More: No business too small to be a target for Cyber crimeSmall to Mid enterprise companies in Australia are extremely vulnerable to revenue disruption and most likely financial disaster from cyber breach – Auto parts importer lost $880k 2 months ago as an example, not the typical target for a cyber criminal, or is it? Yesterday in one Risk Intelligence report we ran for a client…
AV NGAV EDR XDR MDR AMDR
Read More: AV NGAV EDR XDR MDR AMDRThe cyber security landscape has seen huge expansion and growth in the past 5 years and End Point Detection and Response (EDR) has been one of the biggest areas of expansion. https://www.morphisec.com/hubfs/2020%20State%20of%20Endpoint%20Security%20Final.pdf According to Ponemon Institute, 68% of organisations suffered one or more endpoint attacks that successfully compromised data or IT Infrastructure. In 2018 Gartner…
Artificial Intelligence?
Read More: Artificial Intelligence?Artificial Intelligence is not always Artificial Intelligence, every Cyber Security vendor selling solutions today is either putting an “using AI” sticker on their website, or they are investigating how they can use Artificial Intelligence “AI” and Machine Learning “ML”in their branding. It stands to reason as the terms are well on the incline of the…