False positives Archives

Solved: A Dramatic Reduction in False Positives and False Negatives

Posted by Teresa Wingfield ON Nov 25, 2019

The efficiency of any network security strategy depends on having accurate and complete visibility into what’s going on. As part of this process, SOC analysts need to investigate security alerts as these warning messages are, in theory, clear signs of a security incident. That’s not always...

A Day in the Life of a SOC Analyst Just Got Better

Posted by Mustafa Rassiwala ON Nov 18, 2019

SIEM and EDR Are a Good Start, But… When an organization is starting out with a SOC, it typically implements Security Information and Event Management (SIEM) first. As the SOC matures, it adds Endpoint Detection and Response (EDR). While this combination improves security, the day in...

What Your Plan for AI-Powered Cybersecurity Should Look Like

Posted by Teresa Wingfield ON Nov 7, 2019

We’re overloaded by security alerts these days. The Anticipating the Unknowns: Chief Information Security Officer (CISO) Benchmark Study reveals that 41 percent of participants received more than 10,000 security alerts per day. A much smaller number (about one percent of respondents) even reported seeing over...

What You Hate About Your IDPS – It Floods Your SOC with Alerts

Posted by Teresa Wingfield ON Oct 22, 2019

5 Things You Hate About Your IDPS is a new white paper from Lastline that describes how decades old intrusion detection and prevention systems (IDPS) leave your organization vulnerable. The first thing you hate about your IDPS is that it floods your SOC with alerts. According...

Too Many False Positives? Detox Your SOC

Posted by Teresa Wingfield ON Oct 1, 2019

Even after implementing SOAR, SIEM, IDPS and other technologies to improve security insights, companies are still spending thousands of hours triaging alerts that are mostly false positives. The alert workload is driven by many factors, including: More security tools: The average enterprise uses 75 security...

HELO Winnti: Attack or Scan?

Posted by Jason Zhang and Stefano Ortolani ON Sep 30, 2019

Since its first attack was discovered nearly a decade ago, Winnti has evolved into an advanced and sophisticated toolkit leveraged by several actors such as APT17, Axiom, Barium, and PassCV, just to name a few. All these actors have been sharing core tactics, techniques, and...

Network Security Solutions: Be Wary of the Hype Around AI

Posted by Mustafa Rassiwala ON Feb 27, 2019

How many times have you seen a trailer for a new movie that makes it looks absolutely fabulous? Special effects, big name actors, promised plot twists. But then when you actually see the movie it’s another Hollywood formula movie that’s not nearly as inspiring or...

AI Done Right – Not all AI-powered Network Security is Created Equal

Posted by Bert Rankin ON Feb 13, 2019

Here at Lastline, we talk a lot about AI Done Right™. But what does that mean? And how is our utilization of AI different from that of other vendors? Today, I’d like to take the opportunity to explain. To start, let’s look at why artificial...

Solved: A Dramatic Reduction in False Positives and False Negatives

A Day in the Life of a SOC Analyst Just Got Better

What Your Plan for AI-Powered Cybersecurity Should Look Like

What You Hate About Your IDPS – It Floods Your SOC with Alerts

Too Many False Positives? Detox Your SOC

HELO Winnti: Attack or Scan?

Network Security Solutions: Be Wary of the Hype Around AI

AI Done Right – Not all AI-powered Network Security is Created Equal

LATEST PRESS RELEASES

Lastline Unveils Defender 9.0 to Enhance Public Cloud Workload Security

MEDIA MENTIONS

Containers and Security: Complexity Makes it Easy to Overlook Problems

FROM THE BLOG

Stop Ransomware with Network Detection and Response