Intrusion detection News
May 21, 2015
A new study shows enterprises with security analytics are confident in their threat detection capabilities, while those without are overwhelmed by copious false positives and alerts.
April 28, 2015
A panel discussion at RSA Conference 2015 outlined strategic methods enterprises can use to build and advocate for an insider threat program.
April 09, 2015
Enterprises may be increasingly aware of insider threats and believe they can find and stop them, but a new SANS Institute survey suggests they may be overconfident and lack the necessary insider threat-detection technology.
March 24, 2015
At Goldman Sachs, a homegrown graph analytics platform has become a tool for compliance and fraud detection. The use case is a good one because risky behavior is also social behavior, according to an expert.
Intrusion detection Get Started
Bring yourself up to speed with our introductory content
Security luminary and White Ops co-founder Dan Kaminsky reveals the one common tool employed by remote attackers that is leading to a new way to detect malware.
Long-tail intrusions include advanced persistent threats (APTs). However, an intrusion achieved by simpler methods and malware may also serve as the starting point of a long-tail intrusion, which is then continued by downloading new code by means such as Trojans hidden by rootkits and code targeting zero-day vulnerabilities.
Breach detection systems (BDS) are a category of applications and security devices designed to detect the activity of malware inside a network after a breach has occurred. Enterprise IT uses BDS to protect against a variety of advanced threats, especially unidentified malware.
Evaluate Intrusion detection Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Expert Nick Lewis explores the latest spam defense methods and products that will help enterprises defend against new and emerging spam techniques.
The sophisticated Regin malware contains features that hackers can adopt into other enterprise malware threats. Expert Nick Lewis explains how to combat this risk.
Acquiring access to threat intelligence services is a relatively easy way to improve the quality of attack detection throughout the network security infrastructure of your enterprise. A threat intelligence service identifies the IP addresses, hostnames, URLs, or other characteristics of the threats associated with attacks. It then standardizes the data, which is fed to a SIEM, threat detection or other network security system (or cloud-based offering) to detect potential sources of attacks. As long as the network security infrastructure supports the feeds and has sufficient processing power to use and apply them, organizations can see a significant reduction in incidents and damage simply by adding threat intelligence feeds and enforcing policies related to the information provided by these feeds. While there is no sure-fire way to detect and prevent advanced attacks, enterprises both large and small should explore whether threat intelligence services can give them a badly needed boost.
This Buyer’s Essential guide explains what you need to know if you’re in the market for a threat intelligence service. It outlines the must-have features, like a threat intelligence score, and also explains what you need to do to ensure you benefit as much as possible from adding a threat intelligence feed to your security system.
Manage Intrusion detection
Learn to apply best practices and optimize your operations.
Malware that leaves no file on disk can throw enterprises' malware-detection capabilities for a loop. Learn how to detect and defend against fileless malware.
Information overload from false positives and the continued failure to detect signs of advanced attacks remain major problems for security teams.
The Zeus malware is threatening RTF security by embedding itself in the file, which is commonly seen as safer than other file formats such as PDFs. Learn how to prevent the threat.
Problem Solve Intrusion detection Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Move beyond prevention to fast detection to combat a stealthy social engineering attack.
Spam can use a process called 'snowshoe' to evade spam filters. Enterprise threats expert Nick Lewis explains how to block snowshoe spam.
Enterprise threats expert Nick Lewis explains how to detect and avoid one of the most advanced malware threats: The Mask.