Tag: Threat Intelligence

Do You Even DNS Log Bro?

by Will Gragido, Chief Strategy Officer – Prevailion, Inc. Intelligence analysis is dependent upon many things not the least of which are collections and access to data (e.g., pcaps, logs etc.) sourced from within the network. Prevailion affords its customers the ability to view intelligence related to real state of compromise outside the network’s perimeter. […]

Next Generation Threat Intelligence and Research: Adversary Counterintelligence

By Sanjay Raja, VP of Marketing Prevailion, Inc. Previous Generation Intelligence and Adversary Hunting A subset of Threat Intelligence or even Threat Hunting using Intelligence called Adversary Intelligence or Adversary Hunting is nothing new. Traditional threat intelligence has focused on Identifying and documenting newly discovered threats Identifying Threat Actor Tactics, Techniques, Procedures (TTPs) Delivering insights […]

The Limitations of IOCs

The Associated Press recently reported that email addresses of top DHS officials had been compromised as part of the massive SolarWinds hack. According to a DHS spokesperson, “a small number of employees’ accounts were targeted in the breach” and the agency “no longer sees indicators of compromise on our networks.” But what does that actually […]

The Newest Advancement Against Threat Actors: Compromise & Target Intelligence Realized

by Will Gragido – Chief Strategy Officer, Prevailion What You Need and Why You Need It Target intelligence is intelligence that is derived from a unique tradecraft driven counterintelligence approach that empowers security teams with immediately actionable evidence of compromise (EoC). An uncommon capability whose time has arrived after decades of failed promise and often bitter […]

Point out Risk Scores are useless

The Ugly Truth About Risk Scores and Threat Intelligence

Whether it’s vendors that provide an external grade/score of a company’s risk, threat intelligence platforms or vulnerability management vendors, everyone is looking for the ultimate “risk score”. A Risk Score is like a home inspection report. It makes us feel like we are making good decisions in buying a new home by telling us what […]

Keep Ramnit on Your Radar

Over a decade ago, security researchers at Microsoft identified a computer worm and dubbed it Ramnit. The malware family, “infects Windows executable files (.EXE) and HTML files (.HTML). It can also give a malicious hacker access to your PC. It spreads through infected removable drives, such as USB flash drives,” Microsoft warned.  Fast forward to […]

Categories

Archives

Copyright 2021 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.