Meet the Cisco Telemetry Broker Team: Sunil Amin
The Cisco Telemetry Broker celebrated its release earlier this month on April 1st. In my previous blog, The Rise of Telemetry Architecture, I discussed how the Cisco Telemetry Broker can help you develop a healthy telemetry architecture. This time around, I’ll be taking a look at what went into creating the product, how its roots in the Stealthwatch UDP Director …
Team
Red Team — Automation or Simulation?
What is the difference between a penetration test and a red team exercise? The common understanding is that a red team exercise is a pen-test on steroids, but what does that mean? While both programs are performed by ethical hackers, whether they are in-house residents or contracted externally, the difference runs deeper. In a nutshell, a pen-test is performed to discover …
How the Falcon Complete Team Stopped an RDP Attack [Part 1]
Welcome to the CrowdStrike® Falcon Complete™ team’s first “Tales from the Trenches” blog, where we describe a recent intrusion that shows how the Falcon Complete managed detection and response (MDR) service operates as an extension of the customer’s security team to quickly detect, investigate and contain an active attacker before they’re able to complete their goal. Once this …
How the Falcon Complete Team Stopped an RDP Attack [Part 2]
In Part 1 of this two-part “Tales from the Trenches” blog, we examined a stealthy Remote Desktop Protocol (RDP) intrusion uncovered by CrowdStrike® Falcon Complete™ experts. In this installment, we’ll walk you through remediation efforts, highlighting Falcon Complete’s ability to directly eject a threat actor and bring the customer’s environment back to a clean, operational …
The impact of a diverse cybersecurity team
In the latest episode of the Security Stories podcast, we meet the wonderful Marene Allison. She will shortly be celebrating her ten-year anniversary as Vice President and CISO for Johnson & Johnson. With more than 260 companies in 60 countries worldwide, J & J is a global leader in consumer health, pharmaceutical products, and medical …
Using CESA to Solve Endpoint Blindness for a World Class InfoSec Team
Cisco has an amazing set of products like AMP for Endpoints and Cisco Umbrella protecting devices from advanced malware threats. There were other user and endpoint scenarios that remained unsolved until we introduced the new Cisco Endpoint Security Analytics (CESA) solution that was recently announced. CESA provides an unprecedented level of endpoint and user networking …
Cybersecurity is a Team Sport
The world is facing a collective challenge with a growing cyber threat landscape. Trends like the Internet of Things (IoT) and 5G are expanding the attack surface with over 40 billion devices expected online within five years. A new wave of advanced ransomware may cost our global economy up to $20 billion by the year 2021. Countries and regions alike are struggling to create …