Cybersecurity Blog: The Cyber Scene is evolving, are you?

As a manager of a Security Intelligence Center (SIC), I can say firsthand that few things are more frustrating than investing in a cybersecurity product that fails to deliver what your security team truly needs to be successful when it comes to true situational awareness.


Lockheed Martin Cyber Kill Chain® Prominent Component of NTT Group’s 2016 Global Threat Intelligence Report

This year’s Global Threat Intelligence Report (GTIR) provides organizations the data needed to disrupt attacks. Solutionary, an NTT Group company, partnered with Lockheed Martin on their 5th annual GTIR. 2016 is the first year the report included partners with the goal of an expanded view of the threat landscape, and more analysis of attacks, threats and trends from last year. The 2016 GTIR includes information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks, and 8,000 security clients across 6 continents.

The report uses last year’s attack information and the Lockheed Martin Cyber Kill Chain to highlight practical application of the Cyber Kill Chain and explain a comprehensive strategy to enable effective security across the entire organization.


Palisade® Threat Intelligence Management and Analyst Workflow Platform 3.5 Release

The Leidos product engineering team announces the release of Palisade® 3.5. The latest version of our threat intelligence management platform includes improved search capabilities, an expansion of our API, increased support of STIX™ files and CybOX™ objects, and the ability to automatically extract indicators from a block of text to easily add to your database.


The need for visibility, control and awareness now extends beyond your network.

There is an old adage: “loose lips sink ships”. Is your organization providing cyber-criminals information for free? You’d answer, “Of course not!” On the face of it this question seems ridiculous to even ask. However, cyber-criminals are becoming more sophisticated. As an adversary’s tactics and strategies evolve, cybersecurity organizations need to be aware of the unwitting exposure of secure information on social media. This approach is on the rise and fast becoming the preferred strategy for many cyber-criminals to perform the “reconnaissance” step in an analysis framework, such as the Cyber Kill Chain®.


“I give myself good advice, but I seldom follow it.”

– Alice in Wonderland

In the threat intelligence space, vendors market threat feeds as a source of “good advice”. But are subscription-based threat feeds truly providing actionable intelligence? A challenge for any SOC operations manager is to determine if their threat feed is really creating value or just a barrage of alerts that send their analyst teams “down a rabbit hole”.


As previously discussed (TIP Defined blog post), a properly employed Threat Intelligence Platform can enable an organization to take a more effective approach to computer network defense. In this post we will delve a bit deeper into how a Threat Intelligence Platform (TIP) can act as a tool for incident response and investigations, becoming a central hub for SOC operations performing with an Intelligence Driven Defense® mindset.


One of the most important aspects of cybersecurity is intelligence. Fighting and defending against constant attacks without proper knowledge of who the attackers are and how and why they are attacking, and without understanding the characteristics that signal an attack, can lead to a massive data breach or disruption of service.


Arguably one of the most important aspects of cybersecurity is Threat Intelligence. Yet despite its importance, this discipline is often underestimated as part of a solid security posture.

The consulting company, Forrester, defines threat intelligence as the details of the motivations, intent and capabilities of internal and external threat actors. Forrester extends their definition of Threat Intelligence to include specifics on the tactics, techniques and procedures that hackers and Advanced Persistent Threats employ within their attacks. - Threat Intelligence Buyer’s Guide SANS CTI Summit, 10 February 2014.
