Sqrrl

3 Reasons the Next NIST Update Should Include Threat Hunting

This post was originally published here by SQRRL. Are we giving our automated security tools too much credit for threat detection? Nearly half of all threats go undetected by automated security tools (44%), according to a recent LinkedIn poll of the 360,000+ member InfoSec Community. Here’s why Sqrrl is arguing to add human-driven analysis to the list of “appropriate activities […]

The Nuts and Bolts of Detecting DNS Tunneling

This post was originally published here. DNS-based attacks have been commonly used since the early 2000s, but over 40% of firms still fall prey to DNS tunneling attacks. Tunneling attacks originate from uncommon vectors, so traditional automated tools like SIEMs have difficulty detecting them, but they also must be found in massive sets of DNS data, so […]

What is Threat Hunting in Cybersecurity Defense

This post was originally published here by Håkon Olsen. WHAT IS HUNTING AND WHY DO IT? A term that is often used in the cybersecurity community is threat hunting. This is the activity of hunting for intruders in your computer systems, and then locking them out. In the more extreme cases it can also involve […]

The Hunter’s Den: Command and Control

The Hunter’s Den blog series aims to go beyond framework and theory and dig into practical tips and techniques for threat hunting. In our previous post, we examined the practical ways that one can hunt for Internal Reconnaissance. In this post, we will take a look at how to hunt for Command and Control (C2) activity. Command and control […]

Threats Driving You Nuts? Try Threat Hunting With Sqrrl

This article originally appeared on the IBM Security Intelligence blog. Squirrels have many predators and enemies (hawks, snakes and, of course, cars), but Sqrrl shows how the hunted can become the hunter. Sqrrl is a leading threat hunting platform that is deeply integrated with IBM QRadar SIEM. Visualizing Threats: When the IBM Security App Exchange launched in 2015, its primary goal was to […]

The Hunter’s Den: Internal Reconnaissance (Part 1)

By Josh Liburdi, Security Technologist at Sqrrl, and George Aquila. As we laid out in our introduction, The Hunter’s Den blog series aims to go beyond framework and theory and dig into practical tips and techniques for threat hunting. This first post will focus on hunting for Internal […]

Sqrrl is the threat hunting company that enables organizations to target, hunt, and disrupt advanced cyber threats. Sqrrl’s industry-leading threat hunting platform unites link analysis, User and Entity Behavior Analytics (UEBA), and multi-petabyte scalability capabilities into an integrated solution. Sqrrl’s unique approach enables security analysts to discover threats faster and reduces the time and resources required to investigate them.