Anvilogic – Medium

Anvilogic

The Conti Leaks emphasize the need for detection based on threat behaviors

How threat actors can reuse techniques and behavioral threat detections help

6 min readMay 3, 2022

--

--

Anvilogic

Reduce Log Ingestion SOC Fatigue: A Detection-First Approach

Assessment and prioritization of your SOC feeds can help reduce cost & ensure quality

4 min readApr 21, 2021

--

Reduce Log Ingestion SOC Fatigue: A Detection-First Approach

--

Anvilogic

Detect APTs, like HAFNIUM, on Day 0

Within the recent weeks security professionals have been scrounging their infrastructures, and the internet, for any HAFNIUM-related…

5 min readMar 18, 2021

--

1

Detect APTs, like HAFNIUM, on Day 0

--

1

Anvilogic

Fast-breaking attacks wearing you down … Sunburst, RansomExx, Hafnium, and whatever is next?

SOC practitioners know that the threat landscape is as complex and fast-breaking as it has ever been, and attackers are increasingly more…

2 min readMar 9, 2021

--

Fast-breaking attacks wearing you down … Sunburst, RansomExx, Hafnium, and whatever is next?

--

Anvilogic

Detecting Dependency Confusion: Supply-Chain Compromise Vector

The recent exposure of SolarWinds showed us how a determined adversary could leverage a trusted source in order to gain access to an…

5 min readFeb 18, 2021

--

Detecting Dependency Confusion: Supply-Chain Compromise Vector

--

Anvilogic

Detecting the Exploitation of “Baron SamEdit” (CVE-2021–3156)

A recent heap-based buffer overflow vulnerability (CVE-2021–3156) in sudo was discovered with a high CVSS score of 7.8 dubbed “Baron…

4 min readFeb 5, 2021

--

Detecting the Exploitation of “Baron SamEdit” (CVE-2021–3156)

--

Anvilogic

SolarWinds Supply Chain Compromise — Is it impossible to detect?

The cybersecurity world has been spinning with the suggested reports that APT29, Russia’s elite hacking intelligence arm, has been able to…

11 min readJan 8, 2021

--

SolarWinds Supply Chain Compromise — Is it impossible to detect?

--

Anvilogic

The Pervasive Problem of Inferior Detection in your SOC!

Enterprise security operations centers (SOC) have existed for the sole purpose of detecting and responding to threats to an enterprise —…

6 min readDec 7, 2020

--

The Pervasive Problem of Inferior Detection in your SOC!

--

Anvilogic

No-code in the SOC!

The traditional SOC is essentially controlled, in most cases, by a SIEM, e.g., Splunk. The language and inner workings of the SIEM are of…

4 min readOct 20, 2020

--

No-code in the SOC!

--

Anvilogic

The Emergence of Security-Oriented Silos: A Perspective on Gartner’s 2020 Security & Risk Trends —…

As a follow up to the part 1 posting of this topic, and the XDR topic posted by our CTO, let’s discuss how we must deal with the…

3 min readSep 7, 2020

--

The Emergence of Security-Oriented Silos: A Perspective on Gartner’s 2020 Security & Risk Trends —…

--

Anvilogic

Anvilogic

Anvilogic's Multi-Data Platform SIEM is used by Enterprise SOC teams to force multiply their ability to detect, investigate, and hunt.

Following

Help
Status
About
Careers
Blog
Privacy
Terms
Text to speech
Teams