Threat Detection

Articles

Sysmon Threat Analysis Guide

Over the course of my pen testing experiments for the IOS blog, I’ll often “go to the video” — that is, take a peek into the Windows Event logs —...


What is UEBA? Complete Guide to User and Entity Behavior Analytics

UEBA can stand for either “User and Event Behavior Analytics” or “User and Entity Behavior Analytics.” It extends an early type of cybersecurity practice – User Behavior Analytics, or...


What Is Cryptojacking? Prevention and Detection Tips

We live in a digital age, with more people than ever doing most, if not all, their financial transactions and shopping online. With this also came the rise in cryptocurrencies....


What is DNS Cache Poisoning? (Aka DNS Spoofing)

DNS cache poisoning is a cyber attack that tricks your computer into thinking it’s going to the correct address, but it’s not. Attackers use DNS cache poisoning to hijack internet...


Insider Threats: Living With WMI Permanent Events

At the end of the previous post in this series, I suggested WMI permanent events, though somewhat complicated, are a more effective way for insiders to conduct surveillance on their...


What is DNS Tunneling? A Detection Guide

DNS Tunneling turns DNS or Domain Name System into a hacking weapon. As we know, DNS is a giant White Pages or phone directory for the Internet. DNS also has...


What is Endpoint Security? A Complete Guide

Endpoint security is the discipline of locking down any element of an organization that is capable of obtaining internal access to resources such as databases or servers. It is a...


What is an Insider Threat? Definition and Examples

An insider threat is a security risk that originates within the targeted organization. This doesn’t mean that the actor must be a current employee or officer in the organization. They...


What is a Security Operations Center (SOC)?

A SOC is an outsourced office that is completely dedicated to analyzing traffic flow and monitoring for threats and attacks. In today’s world of cyberattacks and data breaches, companies of...


How Varonis Helps with Email Security

Email is one of the most common points of entry for malware (at over 94%) and phishing emails are on the rise, costing companies an average of $1.6 million. Compromised...

 
