According to the Ponemon’s 2019 Cost of a Data Breach Report, the time between when a data breach incident occurs and when the breach is finally contained (also known as the breach lifecycle) grew noticeably between 2018 and 2019. The average time to identify a...
We have already shared three of the top five things customers tell us that they hate about their standalone IDPS: it floods the SOC with alerts, lacks visibility into lateral movement of threats inside the network and does not detect enough. Now, I’ll discuss the...
Lastline is a sponsor of the SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters. This year’s survey gathered data from 575 respondents mostly from small/medium and medium/large organizations that work in threat hunting or alongside threat hunters. The goal of...
The efficiency of any network security strategy depends on having accurate and complete visibility into what’s going on. As part of this process, SOC analysts need to investigate security alerts as these warning messages are, in theory, clear signs of a security incident. That’s not always...
Why Analysts Recommend Integrating Network Detection and Response (NDR) with SIEM and EDR When an organization is starting out with a SOC, it typically implements Security Information and Event Management (SIEM) first. As the SOC matures, it adds Endpoint Detection and Response (EDR). While this combination...
We’re overloaded by security alerts these days. The Anticipating the Unknowns: Chief Information Security Officer (CISO) Benchmark Study reveals that 41 percent of participants received more than 10,000 security alerts per day. A much smaller number (about one percent of respondents) even reported seeing over...
5 Things You Hate About Your IDPS is a new white paper from Lastline that describes how decades old intrusion detection and prevention systems (IDPS) leave your organization vulnerable. The first thing you hate about your IDPS is that it floods your SOC with alerts. According...
Even after implementing SOAR, SIEM, IDPS and other technologies to improve security insights, companies are still spending thousands of hours triaging alerts that are mostly false positives. The alert workload is driven by many factors, including: More security tools: The average enterprise uses 75 security...
Since its first attack was discovered nearly a decade ago, Winnti has evolved into an advanced and sophisticated toolkit leveraged by several actors such as APT17, Axiom, Barium, and PassCV, just to name a few. All these actors have been sharing core tactics, techniques, and...
How many times have you seen a trailer for a new movie that makes it looks absolutely fabulous? Special effects, big name actors, promised plot twists. But then when you actually see the movie it’s another Hollywood formula movie that’s not nearly as inspiring or...
This is an necessary category.
This is an non-necessary category.
