Detection News, Articles and Updates

The evolution of analytics in threat detection

Cyber threats are evolving quickly. Fortunately, so is incident detection and response (IDR), powered by data explains Eric Sun, with techniques such as honeypots identifying suspect behaviour.

Effective incident response: not as easy as it seems!

Given shortages of skilled staff, Ryan Benson says we need to change processes or adopting new technologies then get better at managing data at scale, at automating the tasks that slow down analysts.

The halting problem - why malware detection is doomed to fail

Ian Pratt discusses how and why the traditional detection-based approach employed by so many solutions doesn't work. Detecting every malicious program is mathematically impossible - so build proactive defences.

IT pros in financial services assert ability to detect breaches

Data breaches in the worlds of banking, credit and finance have nearly double between 2014 and 2015 according to the Identity Theft Resource Centre's 2015 Breach List report. Despite being unsure of how long it would take, IT pros in financial services are very confident in their ability to detect a breach.

Insider threats are present in 100% of studied environments

Insiders pose the biggest risk to business data since they are given trusted access to sensitive data, yet they often go completely undetected.

Incident response - time is of the essence

Cyber-attacks are a top threat to organisations today; however, despite an increased effort to keep up with the rising scale and complexity of threats, IT teams are struggling to defend their networks, says Mike Smart.

Living with the enemy

Preference for technical solutions, rather than organisational change is resulting in over-investment in stopping cyber-attacks rather than detecting attacks and defending data says James Henry.

Rombertik malware takes down PC if detected or analysed

A new strain of malware has been found to wipe an infected hard drive if it is detected or analysed.

Bruce Schneier: 'Incident response is failing'

Renowned cryptographer Bruce Schneier took aim at the security industry and poor incident response planning during a typically forthright talk in London yesterday.

Improving real-world security: Think resiliency

Resiliency is moving up the agenda, for both attackers and defenders, says Fred Kost, who adds that systems need to be built - and tested - to assure safety.

Anti-virus is dead - but ghosts get chased

Symantec declares AV dead. Not everyone agrees, though FireEye researchers say most malware is gone before AV starts looking.

Different approaches to security under development

IDS platform uses expert-led reinforcement of learned behaviour and decision-making

Sourcefire boosts remediation technology with trajectory and indictators of compromise features

Sourcefire has added file detection and trajectory software to allow visibility of threats for remediation.

McAfee moves into advanced malware detection arena, with new sandboxing technology

McAfee has announced the acquisition of ValidEdge to add sandboxing technology to its anti-malware offering.