Threat Detection and Response, Page 2

Testing a Threat Pattern: Quality is Never an Accident

John Ruskin, one of the great visionaries of the 19th century, said “Quality is never an accident; it is always the result of intelligent effort”, in our continuing journey through the lifecycle of a threat pattern, we are now at the testing phase. After analyzing  requirements, asset and threats, designing a general and reusable model for the threat pattern and implementing the…

The GDPR and your data protection obligations

The focus is growing for the European Union’s forthcoming “General Data Protection Regulation,” or GDPR. As its May 25, 2018 implementation date draws nearer, organizations are starting to understand the magnitude of change this major regulation will drive. It is not only EU-based organizations that are subject to the GDPR’s requirements. If your company stores…

RSA NetWitness® Suite named a leader in The Forrester Wave™: Security Analytics Platforms

We are excited to announce the RSA NetWitness® Suite has been named by Forrester® Research as a leader in The Forrester Wave™: Security Analytics Platforms, Q1 2017. RSA NetWitness Suite earned perfect marks in the Forrester Wave report for scalability, detection technologies, user behavior analytics, endpoints, integrated network analysis and visibility, and threat intelligence. According…

Calm the Churn with the RSA Archer Ignition program

If as a child you marveled at watching the simple, fascinating micro-example of physics of a pebble dropped into a puddle, you know what the results are. The pebble drops; the water’s surface is broken; ripples fan out from the point of impact… such an unassuming yet beautiful study of cause and effect.   Now, imagine…

Kingslayer – A Supply Chain Attack

Today, RSA is publishing new research on a sophisticated software supply-chain attack – dubbed “Kingslayer”. RSA Research investigated the source of suspicious, observed beaconing thought to be associated with targeted malware. In the course of their investigation, RSA discovered a sophisticated software supply-chain attack involving a Trojan inserted in otherwise legitimate software; software that is…

Schoolbell: Class is in Session

by Kent Backman and Kevin Stear, RSA Research Backstory If a sophisticated exploitation campaign is broad enough, it will attract the attention of multiple threat researchers. Such is the case of the malicious, multi-faceted exploitation campaign and botnet RSA Research has dubbed “Schoolbell.” In this blog, RSA will build on existing industry research and dig…

Are Software Supply Chain Attacks the New Norm?

How many of us stop to think about updating software we use every day? Do you think “maybe I should check for threats on this before I install it?” Or do you wait for it to automatically update? For many of us, we don’t consider the security of the everyday software we use. This is…

3 Steps to a Secure ICS Network

Industrial Control Systems (ICS) attacks have a direct impact on people’s lives. The consequences of these attacks can be unpredictable, which is why ICS protection is a hot topic in security right now. Defining the right protection layer and best approach to secure communications in this environment is crucial. Historically, ICS departments operated independently from…

“Up Your Game” to Close the Security Skills Gap

Ask any CISO to name the top challenges of the job, and their first response is likely to be the security “skills gap” – the inability to find enough skilled people to handle an organization’s security needs. With over 200,000 security jobs unfilled in the U.S. alone, organizations, especially security operations centers (SOCs), are continuously…

Mastering the implementation of a Threat Pattern

In previous posts we have discussed two of the most critical phases in the “The Lifecycle of a Threat Pattern”: analysis and design. In the analysis phase the objective is to fully understand the asset in scope by getting deeper into the context to formulate a set of residual risks to which the asset might be…