Anvilogic · The Conti Leaks emphasize the need for detection based on threat behaviors · How threat actors can reuse techniques and behavioral threat detections help · 6 min read · May 3, 2022

Anvilogic · Reduce Log Ingestion SOC Fatigue: A Detection-First Approach · Assessment and prioritization of your SOC feeds can help reduce cost and ensure quality · 4 min read · Apr 21, 2021

Anvilogic · Detect APTs, like HAFNIUM, on Day 0 · Within the recent weeks security professionals have been scrounging their infrastructures, and the internet, for any HAFNIUM-related… · 5 min read · Mar 18, 2021

Anvilogic · Fast-breaking attacks wearing you down … Sunburst, RansomExx, Hafnium, and whatever is next? · SOC practitioners know that the threat landscape is as complex and fast-breaking as it has ever been, and attackers are increasingly more… · 2 min read · Mar 9, 2021

Anvilogic · Detecting Dependency Confusion: Supply-Chain Compromise Vector · The recent exposure of SolarWinds showed us how a determined adversary could leverage a trusted source in order to gain access to an… · 5 min read · Feb 18, 2021

Anvilogic · Detecting the Exploitation of “Baron SamEdit” (CVE-2021-3156) · A recent heap-based buffer overflow vulnerability (CVE-2021-3156) in sudo was discovered with a high CVSS score of 7.8 dubbed “Baron… · 4 min read · Feb 5, 2021

Anvilogic · SolarWinds Supply Chain Compromise: Is it impossible to detect? · The cybersecurity world has been spinning with the suggested reports that APT29, Russia’s elite hacking intelligence arm, has been able to… · 11 min read · Jan 8, 2021

Anvilogic · The Pervasive Problem of Inferior Detection in your SOC! · Enterprise security operations centers (SOC) have existed for the sole purpose of detecting and responding to threats to an enterprise… · 6 min read · Dec 7, 2020

Anvilogic · No-code in the SOC! · The traditional SOC is essentially controlled, in most cases, by a SIEM, e.g., Splunk. The language and inner workings of the SIEM are of… · 4 min read · Oct 20, 2020

Anvilogic · The Emergence of Security-Oriented Silos: A Perspective on Gartner’s 2020 Security & Risk Trends… · As a follow up to the part 1 posting of this topic, and the XDR topic posted by our CTO, let’s discuss how we must deal with the… · 3 min read · Sep 7, 2020