Anvilogic – Medium

Anvilogic

Anvilogic

The Conti Leaks emphasize the need for detection based on threat behaviors

How threat actors can reuse techniques and behavioral threat detections help

May 3, 2022

May 3, 2022

Anvilogic

Reduce Log Ingestion SOC Fatigue: A Detection-First Approach

Assessment and prioritization of your SOC feeds can help reduce cost & ensure quality

Apr 21, 2021

Reduce Log Ingestion SOC Fatigue: A Detection-First Approach

Apr 21, 2021

Anvilogic

Detect APTs, like HAFNIUM, on Day 0

Within the recent weeks security professionals have been scrounging their infrastructures, and the internet, for any HAFNIUM-related…

Mar 18, 2021

Detect APTs, like HAFNIUM, on Day 0

Mar 18, 2021

Anvilogic

Fast-breaking attacks wearing you down … Sunburst, RansomExx, Hafnium, and whatever is next?

SOC practitioners know that the threat landscape is as complex and fast-breaking as it has ever been, and attackers are increasingly more…

Mar 9, 2021

Fast-breaking attacks wearing you down … Sunburst, RansomExx, Hafnium, and whatever is next?

Mar 9, 2021

Anvilogic

Detecting Dependency Confusion: Supply-Chain Compromise Vector

The recent exposure of SolarWinds showed us how a determined adversary could leverage a trusted source in order to gain access to an…

Feb 18, 2021

Detecting Dependency Confusion: Supply-Chain Compromise Vector

Feb 18, 2021

Anvilogic

Detecting the Exploitation of “Baron SamEdit” (CVE-2021–3156)

A recent heap-based buffer overflow vulnerability (CVE-2021–3156) in sudo was discovered with a high CVSS score of 7.8 dubbed “Baron…

Feb 5, 2021

Detecting the Exploitation of “Baron SamEdit” (CVE-2021–3156)

Feb 5, 2021

Anvilogic

SolarWinds Supply Chain Compromise — Is it impossible to detect?

The cybersecurity world has been spinning with the suggested reports that APT29, Russia’s elite hacking intelligence arm, has been able to…

Jan 8, 2021

SolarWinds Supply Chain Compromise — Is it impossible to detect?

Jan 8, 2021

Anvilogic

The Pervasive Problem of Inferior Detection in your SOC!

Enterprise security operations centers (SOC) have existed for the sole purpose of detecting and responding to threats to an enterprise —…

Dec 7, 2020

The Pervasive Problem of Inferior Detection in your SOC!

Dec 7, 2020

Anvilogic

No-code in the SOC!

The traditional SOC is essentially controlled, in most cases, by a SIEM, e.g., Splunk. The language and inner workings of the SIEM are of…

Oct 20, 2020

No-code in the SOC!

Oct 20, 2020

Anvilogic

The Emergence of Security-Oriented Silos: A Perspective on Gartner’s 2020 Security & Risk Trends —…

As a follow up to the part 1 posting of this topic, and the XDR topic posted by our CTO, let’s discuss how we must deal with the…

Sep 7, 2020

The Emergence of Security-Oriented Silos: A Perspective on Gartner’s 2020 Security & Risk Trends —…

Sep 7, 2020

Anvilogic

Anvilogic

Anvilogic's Multi-Data Platform SIEM is used by Enterprise SOC teams to force multiply their ability to detect, investigate, and hunt.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams