Trying to decipher Cybersecurity jargon can feel like trying to make sense out of a spoonful of alphabet soup. Is your SIEM equipped with sufficient NTA? What about your XDR? Or wait, was it NDR? What’s IRM, anyway? And whatever happened to UEBA?
Network Traffic Analysis
In what the New York Times is calling, “One of the most sophisticated and perhaps largest hacks in more than five years,” malicious adversaries acting on behalf of a foreign government, likely Russian, broke into the email systems of multiple U.S. Federal agencies including the Treasury and Commerce Departments.
Despite its inherent flaws, today’s SIEM software solutions still shine when it comes to searching and investigating log data. One effective, comprehensive approach to network security pairs the best parts of SIEM with modern, AI-driven predictive analysis tools. Alternatively, organizations can replace their outdated SIEM with a modern single platform self-learning AI solution.
When it comes to advancements in cybersecurity, rule-based systems are holding the industry back. Relying on humans to constantly input and label rules in order to detect and stay ahead of threats is a bottleneck process that is setting security teams up for failure, especially with tools like SIEM, NDR, and NTA.
MixMode creates a generative baseline. Unlike the historically-based baselines provided by add-on NTA solutions, a generative baseline is predictive, real-time, and accurate. MixMode provides anomaly detection and behavioral analytics and the ability to suppress false positives and surface true positives.
Most SIEM vendors acknowledge the value of network traffic data for leading indicators of attacks, anomaly detection, and user behavior analysis as being far more useful than log data. Ironically, network traffic data is often expressly excluded from SIEM deployments, because the data ingest significantly increases the required data aggregation and storage costs typically 3-5x.
Artificial Intelligence – or AI – has become a buzzword since it emerged in the 1950s. However, all AI systems are not created equal. In our white paper, “Self-Supervised Learning – AI For Complex Network Security,” Dr. Peter Stephenson explains the different “waves” of artificial intelligence. He uses the DARPA definitions for each of these …
For the past few years, many have been talking about the changing “threat landscape” as it pertains to the increase in zero day, insider and phishing threats. While all of these threats are on the rise, and constitute a concern, there is, perhaps, an even larger shift presenting a threat to enterprises – the shift …
COVID-19 has caused most corporate businesses that remain open to shift to a work from home, remote workplace. Because of this, the cybersecurity industry has been turned on its head. Security teams went from monitoring and protecting established network environments to quickly pivoting their tools, resources, and oversight to manage a distributed workforce. This has …