Blog

Security as a Service? Making managing a complex threat environment look easy.

Published on June 26, 2019

Intellyx BrainBlog for Securonix by Jason English Comprehensive, proactive, responsive security practices were once the exclusive realm of larger companies and government institutions, with the capital and personnel to invest in running SecOps control rooms staffed with security experts. Fortunately, those centralized control days are long gone. We are erasing...

Learn More

Solve Your Healthcare Security Challenge Using Next-Gen SIEM

Published on June 3, 2019

Healthcare organizations are aware of the extremely sensitive nature of, and consequently the importance of, protecting patient data. Due to the value of personal health information (PHI), healthcare organizations are under attack from both external and internal threats. External attackers, drawn by the monetary value of PHI, employ increasingly sophisticated...

Learn More

Securonix Threat Research: Detecting LockerGoga Targeted IT/OT Cyber Sabotage/Ransomware Attacks

Published on April 9, 2019

By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team Updated April 30, 2019 Figure 1: LockerGoga Targeted Malicious Cyber Sabotage/Ransomware Implant in Action Introduction The Securonix Threat Research Team has been closely monitoring the LockerGoga targeted cyber sabotage/ransomware (TC/R) attacks impacting Norsk Hydro (one of the largest...

Learn More

Threat Hunting Architecture

Published on March 27, 2019

By Rohit D. Sadgune, Senior Security Solution Engineer, Securonix Introduction Threat hunting is an essential skill for organizations with mature security operations centers. In this blog I will lay out an essential framework for the two different classifications of threat hunting as well as several threat hunting models that...

Learn More

Why accurate attack attribution is critical in cybersecurity

Published on February 22, 2019

By Igor Baikalov, chief scientist at Securonix Read this article on SC Magazine UK The Internet favours anonymity by design. Despite being an obvious boon to cybercriminals and terrorists, anonymity has long been touted to be a worthy price to pay for supporting the foundations of democracy: privacy...

Learn More

Securonix Threat Research: Detecting Persistent Cloud Infrastructure/Hadoop/YARN Attacks Using Security Analytics: Moanacroner, XBash, and Others

Published on January 24, 2019

By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team Figure 1: Moanacroner Establishes Persistence After Initial Cloud YARN/Hadoop Infection Using Crontabs Introduction In recent months, we have been observing an increase in the number of automated attacks targeting exposed cloud infrastructure/Hadoop/YARN instances. Some of the attacks we...

Learn More

Detecting Phishing and Account Compromise in Office 365

Published on November 5, 2018

by Aditya Tirumalai Sundararam and Akshay Nayak What was once yours is now mine… Deep dive into a series of cyberattacks involving phishing and account compromise The information security is always in a state of flux. Both offensive and defensive techniques keep evolving. But as Ulysses S. Grant put it “War…War never...

Learn More

The Top Seven Cybersecurity Horrors

Published on October 31, 2018

…and how to protect yourself It’s Halloween! And before the night exposes the horrors from the netherworld, most of us still have to get through the wacky costumes at work. Just the same, the cybersecurity demons do not slow down, and our SOC superheroes must continue to save the world...

Learn More

Securonix Threat Research: British Airways Breach: Magecart Formgrabbing Supply Chain Attack Detection

Published on October 29, 2018

By Oleg Kolesnikov and Harshvardhan Parashar, Securonix Threat Research Team Updated November 6, 2018 Figure 1: Magecart modernizr-2.6.2.min.js Obfuscated Formgrabbing Payload from British Airways Attacks Introduction The data breach suffered by British Airways earlier this year affected around 380,000 customers and resulted in the theft of customer data...

Learn More

Securonix and Cylance: End-to-End AI-Enabled Security Intelligence and Threat Prevention

Published on October 11, 2018

Suspicious activity on the endpoint is usually an indicator that a larger cybersecurity threat or attack is occurring. Your users are continually targeted by various attacks–phishing, malicious websites, session-based attacks and more—that end up playing out on the endpoints inside your organization. While understanding anomalous behaviors on your endpoints is...

Learn More

Securonix and ServiceNow Integration Enables Rapid Response to Security Incidents

Published on October 5, 2018

Data breaches continue to grow at a rampant pace. According to the 2018 Verizon Data Breach report, there were over 53,000 incidents and 2,216 confirmed data breaches in 2017. The report goes on to say that the time to compromise continues to be very short - within seconds or minutes....

Learn More

Partner Perspectives: Integrate your SIEM, UEBA + EDR Solution with Securonix and Carbon Black

Published on October 4, 2018

By Nitin Agale, Senior VP of Products for Securonix Your endpoints are a valuable part of your enterprise structure. They are the computers your employees use and the servers your company depends on. Defending your endpoints is important, but it’s critical that your endpoint defense is just one part of your...

Learn More

Get the latest news: