AnvilogicThe Conti Leaks emphasize the need for detection based on threat behaviorsHow threat actors can reuse techniques and behavioral threat detections helpMay 3, 2022May 3, 2022
AnvilogicReduce Log Ingestion SOC Fatigue: A Detection-First ApproachAssessment and prioritization of your SOC feeds can help reduce cost & ensure qualityApr 21, 2021Apr 21, 2021
AnvilogicDetect APTs, like HAFNIUM, on Day 0Within the recent weeks security professionals have been scrounging their infrastructures, and the internet, for any HAFNIUM-related…Mar 18, 20211Mar 18, 20211
AnvilogicFast-breaking attacks wearing you down … Sunburst, RansomExx, Hafnium, and whatever is next?SOC practitioners know that the threat landscape is as complex and fast-breaking as it has ever been, and attackers are increasingly more…Mar 9, 2021Mar 9, 2021
AnvilogicDetecting Dependency Confusion: Supply-Chain Compromise VectorThe recent exposure of SolarWinds showed us how a determined adversary could leverage a trusted source in order to gain access to an…Feb 18, 2021Feb 18, 2021
AnvilogicDetecting the Exploitation of “Baron SamEdit” (CVE-2021–3156)A recent heap-based buffer overflow vulnerability (CVE-2021–3156) in sudo was discovered with a high CVSS score of 7.8 dubbed “Baron…Feb 5, 2021Feb 5, 2021
AnvilogicSolarWinds Supply Chain Compromise — Is it impossible to detect?The cybersecurity world has been spinning with the suggested reports that APT29, Russia’s elite hacking intelligence arm, has been able to…Jan 8, 2021Jan 8, 2021
AnvilogicThe Pervasive Problem of Inferior Detection in your SOC!Enterprise security operations centers (SOC) have existed for the sole purpose of detecting and responding to threats to an enterprise —…Dec 7, 2020Dec 7, 2020
AnvilogicNo-code in the SOC!The traditional SOC is essentially controlled, in most cases, by a SIEM, e.g., Splunk. The language and inner workings of the SIEM are of…Oct 20, 2020Oct 20, 2020
AnvilogicThe Emergence of Security-Oriented Silos: A Perspective on Gartner’s 2020 Security & Risk Trends —…As a follow up to the part 1 posting of this topic, and the XDR topic posted by our CTO, let’s discuss how we must deal with the…Sep 7, 2020Sep 7, 2020