Download the Report
Advanced Threat Protection
Download the Datasheet
Let's Go Threat Hunting: Gain Visibility and Insight into Potential Threats and Risks
Download the Whitepaper
Bracing for the Tidal Wave of Data Privacy Compliance in America
View Recent Catches
Catch More Threats
March 27, 2020
With most employees working from home amid COVID-19 (coronavirus) outbreak, VPN servers have now become paramount to a company's backbone, and their security and availability must be the focus going forward for IT teams. It is now more important than ever that companies and IT staff set up systems to capture metrics about the performance and availability of VPN services.
March 19, 2020
Social distancing is a term applied to certain actions that are taken by Public Health officials to stop or slow down the spread of a highly contagious disease such as COVID-19. Out of an abundance of caution and following the guidance of state and federal governments, many companies are practicing social distancing by encouraging or requiring employees to work from home.
March 12, 2020
Maintaining strong cybersecurity is crucial as organizations make impromptu decisions to send more and more employees to work from home to help minimize the spread and impact of COVID-19. Before you expand and extend your remote workforce, it’s critical that you take appropriate steps to ensure that by decreasing a health risk to your business, those same actions don’t conversely increase a cybersecurity risk.
March 06, 2020
RSA Conference 2020 has come and gone. It still maintains its status as the largest security event in the world, although attendance dipped from last year due to virus jitters and travel restrictions. While the mood at RSA Conference (RSAC) overall was a bit more subdued than in the past, attendee engagement with the Netsurion team to discuss co-managed SIEM in the expo hall was at an all-time high.
December 12, 2019
Just like locking your front door is crucial to protect your house, monitoring account logins to organizational servers and workstations is crucial to detect password cracking attempts. Enhance your security operations to continuously improve visibility and defenses.
September 30, 2019
Threats and threat actors continue to evolve and morph, creating advanced and even more dangerous tactics to mitigate. October is National Cybersecurity Awareness Month (NCSAM). NSCAM 2019 centers on the theme of Own IT. Secure IT. Protect IT., advocating a proactive approach to enhanced cybersecurity in the workplace and at home.
September 25, 2019
The ELK (Elasticsearch, Logstash, Kibana) stack is a popular open source log analysis and management platform. The collection, processing, normalization, enhancement, and storage of log data from various sources are grouped under the term “log management.”
September 13, 2019
While nation-state threat actors and external hackers often garner the headlines, insider threats are an often-overlooked threat vector. Rockwell-Boeing, Anthem Healthcare, and Capital One are just a few organizations with damaging data breaches caused by insiders.
August 20, 2019
A financially motivated ransomware gang hit 23 local governments in Texas in a coordinated attack last week. Ransomware is a type of malicious software, often delivered via email or drive-by web downloads, that locks up an organization’s systems until a ransom is paid or files are recovered by other means such as backup restoration.
August 08, 2019
At Black Hat 2019, Eric Doerr, GM of the Microsoft Security Response Center, reminded attendees of the interconnectedness of enterprise software supply chains and of their vulnerability to attack.
August 05, 2019
It has grown more challenging to protect patient privacy and secure sensitive data under HIPAA (Health Insurance Portability and Accountability Act) as the volume and persistence of cyber attacks have increased in recent years. Healthcare institutions often have vast databases of sensitive information such as credentials and credit card data that cyber criminals seek to monetize and sell on the dark web.
July 23, 2019
Just how much should you be spending on IT Security? It’s a vexing question to answer for many reasons as each situation has their unique circumstances and factors. But here are some insights garnered over the last decade in cybersecurity.
July 10, 2019
Is your organization still using Windows 7? Microsoft support is coming to a close in a few short months. If you think end-of-support for legacy systems doesn’t impact your organization, think again.
June 04, 2019
Overwhelmed by the hype from security vendors in overdrive? Notice the innovation and trends and feel like jumping on the bandwagon? It’s a urge that many buyers in mid-size companies feel and it can be overpowering. That flashy vendor demo, that rousing speech at a tradeshow, that pressure of keeping up with the Joneses. So what have you done for your security lately is a nagging thought.
April 03, 2019
Increasing complexity and frequency of attacks have escalated the need for detection of attacks and incident response. Endpoints are the new battleground as they are a) more pervasive across the network, b) more commonly used by non-IT personnel, and c) less well-defended by IT teams who first move to secure the data center. Endpoint detection and response (EDR) solutions meet the need to rapidly investigate large numbers of systems for evidence of malicious activity, quickly uncover, and then remediate attacks and incidents.
March 19, 2019
Did you know that Microsoft is a security vendor? No, it’s true. For years, the company was hammered by negative public perception and the butt of jokes around the 2002 "trustworthy computing" memo. The company has steadily invested in developing a security mindset and the product results are now more visible to the public.
February 25, 2019
Over 7 billion global devices in an always on and continuously connected world create a soft target for today’s attacker. Whether working to monetize data or make a political statement, adversaries are well funded and staffed in the battle for endpoint access and control.
January 31, 2019
We recently released the findings of the Security Information and Event Management (SIEM) study conducted by Cybersecurity Insights. The study surveyed over 345 IT and Security executives and practitioners, with 45% of them small and mid-sized firms with 999 or fewer employees and the balance comprised of enterprise organizations with 1,000 or more employees.
January 24, 2019
If you think your organization is too small to be targeted by threat actors, think again. Over 60% of organizations have experienced an exploit or breach, so the stealthy and ever-evolving hacker may already be in your organization performing reconnaissance or awaiting strategic command and control (C&C) instructions.
December 10, 2018
The year 2018 saw ransomware families such as CryptoLocker and variants like Locky continue to plague organizations as cybersecurity adversaries morph their techniques to avoid detection. Several massive data breaches this year include Quora, Ticketmaster, and Facebook that exposed over 200 million records worldwide. While high-profile breaches may make the news headlines, over 60% of small and mid-sized firms have experienced data loss or a breach themselves.
October 05, 2018
In simpler times, security technology approaches were clearly defined and primarily based on prevention with things like firewalls, anti-virus, web, and email gateways. There were relatively few available technology segments and a relatively clear distinction between buying security technology purchases and outsourcing engagements.
October 03, 2018
A hot trend in the Managed Service Provider (MSP) space is emerging, transforming from an MSP to a Managed Security Service Provider (MSSP). Typically, MSPs act as an IT administrator, however, the rapid rise of cloud-based Software-as-a-Service (SaaS) is reducing margins for MSPs. This change is forcing MSPs to compete on price, causing buyers to become less loyal.
September 17, 2018
Advances in data analytics and increased connectivity have merged to create a powerful platform for change. Today, people, objects, and connections are producing data at unprecedented rates. According to DOMO, 90% of all data today was created in the last two years with a whopping 2.5 quintillion bytes of data being produced per day. With more Internet of Things (IoT) devices being produced, new social media outlets created, and the increasing number of people turning to search engines for information, the numbers will continue to grow.
September 11, 2018
When it comes to selling security, one of the major challenges faced by managed services providers (MSPs) is changing the mind set of small- and medium-sized business (SMB) owners. With massive breaches hogging news headlines today, security is hard to ignore—yet many SMBs choose to do so because they don’t realize how “at risk” they may be.
September 04, 2018
Breaches continue to be reported at a dizzying pace. In 2018 alone, a diverse range of companies — including Best Buy, Delta, Orbitz, Panera, Saks Fifth Avenue, and Sears — have been victimized. These are not small companies, nor did they have small IT budgets. So, what’s the problem? Threats are escalating in scope and sophistication. Often times, new technologies are added to the enterprise network and not fully tested for security flaws. This creates issues for security teams, making it difficult to defend gaps and protect against persistent threats. Another issue facing security team is over emphasis on prevention has caused an under investment in security monitoring and incident response. Is your team faced with any of these three issues that can lead to failure to respond to incidents, malware, and threats properly?
August 31, 2018
Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security glitch uncovered last year that rendered communications with many well-known web services insecure, potentially exposing millions of plain-text passwords. But don’t panic. Though the recent vulnerability has a more terrific name than HeartBleed, it is not going to cause as much danger as HeartBleed did.
August 31, 2018
With data breaches and Snowden-like information grabs, I’m getting increased requests for how to track data moving to and from removable storage, such as flash drives. The good news is that the Windows Security Log does offer a way to audit removable storage access. I’ll show you how it works, and since EventTracker has some enhanced capabilities in this area, I’ll briefly compare native auditing to EventTracker. Removable storage auditing in Windows works similar to and logs the exact same events as File System auditing. The difference is in controlling what activity is audited.
August 31, 2018
There are five different ways you can log on in Windows called “logon types.” The Windows Security Log lists the logon type in event ID 4624 whenever you log on. Logon type allows you to determine if the user logged on at the actual console, via remote desktop, via a network share or if the logon is connected to a service or scheduled task starting up.
August 30, 2018
Implement a Central Collection System Microsoft has made some considerable changes to event management in Windows Vista. But are these changes enough to help you control your entire infrastructure? This article is the last in a series that looks at Vista event management.
August 29, 2018
Logging for Incident Response: Part 1 – Preparing the Infrastructure From all the uses for log data across the spectrum of security, compliance, and operations, using logs for incident response presents a truly universal scenario –you can be forced to use logs for incident response at any moment, whether you’re prepared or not.
See EventTracker in action!
Join our next live demo April 8th at 2:00 p.m. EST.