Blog

Securonix Threat Research: Detecting High-Impact Targeted Cloud/MSP $14M+ Ryuk and REvil Ransomware Attacks

Published on December 19, 2019

By Oleg Kolesnikov, Securonix Threat Research Team Updated January 3, 2019   Figure 1: Example of Recent REvil Targeted Ransomware Attack Payload Targeting Major Cloud Data Center Provider (December 2019)   The Securonix Threat Research Team has been actively investigating the details of recent, critical targeted ransomware attacks against healthcare...
Learn More

Behavioral Analytics: Telltale signs of attack deciphered

Published on December 3, 2019

By Abhishek RVRK Sharma, Senior Technical Marketing Engineer at Securonix   In security, behavioral analytics allow you to find anomalous behavior which could point to an attack. For example, look at the school of fish in the picture above. Can you find the fish behaving oddly? Take a second or...
Learn More

How MITRE ATT&CK Alignment Supercharges Your SIEM

Published on October 24, 2019

Alignment, not mapping, is the only way to truly adopt the MITRE ATT&CK Framework. Here’s how. By Abhishek RVRK Sharma, Senior Technical Marketing Engineer at Securonix   One Minute Takeaway Do you only have a minute to spare? Here’s what you need to know: MITRE methodology alignment vs. MITRE alert...
Learn More

Data Enrichment: The Key Ingredient for SIEM Success

Published on October 21, 2019

By Abhishek RVRK Sharma, Senior Technical Marketing Engineer at Securonix   Data enrichment is the key ingredient required for effective threat detection, investigation, and response. Using enriched data makes dealing with security threats easier and more efficient. Security has evolved tremendously over the years. Today there are so many security...
Learn More

Threat Chains: Combating Today’s Multi-Tier Threat Landscape

Published on October 7, 2019

By Abhishek RVRK Sharma, Senior Technical Marketing Engineer at Securonix   From a security standpoint, today’s enterprise IT environment has changed significantly over the past few years. A few years ago, a security analyst would have had to deal with separate dashboards for their antivirus, email gateway, firewall, switches and...
Learn More

Python Script or Monty Python – Competency is Important

Published on September 30, 2019

AWS and Enterprise SIEM - Why the Cloud Should Host Your SIEM By Jon Garside, Director of Product Marketing at Securonix (still just a geek in a suit) Hybrid is the new standard in defined enterprise environment. A mixture of on-premises, VM, cloud infrastructure, and cloud applications is now a...
Learn More

Counter Identity-Driven Threats With Identity Analytics and Intelligence

Published on July 24, 2019

By Abhishek RVRK Sharma, Senior Technical Marketing Engineer at Securonix   Mitigate a Major Cause of Data Breaches Identities have traditionally been managed with dedicated identity management software. That made sense when enterprise applications were on-premise, in secure data centers whose keys were only handed over to trusted agencies. Enterprise...
Learn More

The Anatomy of a Modern SIEM

Published on July 15, 2019

By Abhishek Sharma, Senior Technical Marketing Engineer at Securonix The 8 Critical Features of a Modern SIEM The cybersecurity landscape is getting more complex. Hackers continue to innovate, and business technologies generate increasing amounts of data. This is making legacy security information and event management (SIEM) solutions obsolete as they...
Learn More

Security as a Service? Making managing a complex threat environment look easy.

Published on June 26, 2019

Intellyx BrainBlog for Securonix by Jason English Comprehensive, proactive, responsive security practices were once the exclusive realm of larger companies and government institutions, with the capital and personnel to invest in running SecOps control rooms staffed with security experts. Fortunately, those centralized control days are long gone. We are erasing...
Learn More

Solve Your Healthcare Security Challenge Using Next-Gen SIEM

Published on June 3, 2019

Healthcare organizations are aware of the extremely sensitive nature of, and consequently the importance of, protecting patient data. Due to the value of personal health information (PHI), healthcare security is under attack from both external and internal threats. External attackers, drawn by the monetary value of PHI, employ increasingly sophisticated...
Learn More

Securonix Threat Research: Detecting LockerGoga Targeted IT/OT Cyber Sabotage/Ransomware Attacks

Published on April 9, 2019

By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team Updated April 30, 2019   Figure 1: LockerGoga Targeted Malicious Cyber Sabotage/Ransomware Implant in Action   Introduction The Securonix Threat Research Team has been closely monitoring the LockerGoga targeted cyber sabotage/ransomware (TC/R) attacks impacting Norsk Hydro (one of the largest...
Learn More

Passwort Manager: Ein nicht ganz fehlerfreies, aber notwendiges Tool

Published on April 4, 2019

von Anjola Adeniyi, securonix   Heutzutage hat so gut wie jeder eine kaum noch überschaubare Zahl verschiedener Online-Konten. Jedes einzelne von ihnen ist an sensible Daten wie Bank- und Kontoinformationen oder Adressdaten gebunden. Wer einigermaßen sicherheitsbewusst ist, der benutzt Passwort-Manager um die Zugangsdaten zu diesen Konten sicher zu speichern. Ein...
Learn More