Posts

Showing posts from March, 2020

Importance of threat intelligence in cybersecurity

Cyber threat intelligence helps organizations by giving them insights into the mechanisms and implications of threats, allowing them to build defense strategies and frameworks, and reduce their attack surface with the end goals of mitigating harm and protecting their network. The main objective of cyber threat intelligence is to provide organizations a deeper understanding of what’s happening outside their network, giving them better visibility of the cyber threats that bring the most risk to their infrastructure. You need threat intelligence for effective defense. It’s also about prioritizing: removing false positives that constantly hit SOCs and recognizing the advanced threats and exploits the organization is most vulnerable to, so teams can take action against them. With cyber threat intelligence, you can determine if your security defense system can actually handle those threats, and improve it as necessary. Here are other major benefits to good cyber threat in...

Session Hijacking and Man-in-the-Middle Attacks

When you're on the internet, your computer has a lot of small back-and-forth transactions with servers around the world letting them know who you are and requesting specific websites or services. In return, if everything goes as it should, the web servers should respond to your request by giving you the information you're accessing. This process, or session, happens whether you are simply browsing or when you are logging into a website with your username and password.

The session between your computer and the remote web server is given a unique session ID, which should stay private between the two parties; however, an attacker can hijack the session by capturing the session ID and posing as the computer making a request, allowing them to log in as an unsuspecting user and gain access to unauthorized information on the web server. There are a number of methods an attacker can use to steal the session ID, such as a cross-site scripting attack used to hijack session ...

Machine Learning for Better Threat Intelligence

Data processing takes place at a scale today that requires automation to be comprehensive. Combine data points from many different types of sources — including open, dark web, and technical sources — to form the most robust picture possible. Recorded Future uses machine learning techniques in four ways to improve data collection and aggregation — to structure data into categories, to analyze text across multiple languages, to provide risk scores, and to generate predictive models.

1. To structure data into entities and events

Ontology has to do with how we split concepts up and how we group them together. In data science, ontologies represent categories of entities based on their names, properties, and relationships to each other, making them easier to sort into hierarchies of sets. For example, Boston, London, and Gothenburg are all distinct entities that will also fall under the broader “city” entity. If entities represent a way to sort p...

How SecurityScorecard’s cybersecurity monitoring enables defense in depth strategies

Suggestions for creating a defense in depth strategy for ports

As part of your defense in depth strategy that protects against attackers targeting ports, you should be continuously monitoring for:

· Unused open ports
· Host-based firewalls
· Network-based firewalls
· Port traffic filtering
· Strong passwords
· Access controls
· Penetration testing

While all of these suggestions seem simple, your interconnected IT infrastructure complicates them. For example, adding more devices increases the number of ports which in turn means you need to continuously scan for unused ports. Firewalls control the way information flows across you...

9 Unique Reasons to Outsource Cyber Security Monitoring

Here are 9 reasons to outsource cyber security monitoring:

Services According to Compliance Regulation

HIPAA, SOC, PCI DSS, GDPR – no matter which compliance regulation you are required to follow, you likely are required to have a log of events that are happening on your network. Some organizations will purchase a SIEM tool, but not monitor or tune the tool properly. By outsourcing the management of your SIEM, you’ll have expert specialists who are able to easily identify, solve, classify and properly address the major security vulnerabilities. They can detect threats and can respond to cyber threats.

Potential to Save Money

Businesses are often not able to afford the expense of an in-house cybersecurity monitoring team of professionals. Luckily, many organizations like Cybriant offer an affordable option for tiered cyber security services, which could result in savings. By outsourcing cyber security services, you won’t need to hir...