Cyber Security

The Three Top Reasons Why We Need a Better Approach to Threat Detection and Response

by Ben Kapon

posted at April 23, 2017

Despite the fact that in 2016, President Obama directed his Administration to implement a Cybersecurity National Action Plan, with the intention to spend over $19 billion on technologies that ostensibly block or detect threats, the number of breaches just keeps growing. Experts point to many reasons why. The approach of spending more money on more non-integrated,

Prevention Alone Isn’t Enough— How Do You Move on to Detection & Response?

by Ben Kapon

posted at February 13, 2017

In our previous blog post, we spoke about the industry trend to move beyond prevention to an adaptive approach to security that integrates detection and response. But why is prevention not enough, and what should you look for when you make the switch?

Threats are more sophisticated than ever before

Cyber attacks are growing in

Detecting C&C Server Communications – Context is Key

by Israel Aloni

posted at November 29, 2016

By now, the concept of the cyber Attack Chain (or kill chain) is widely accepted as a way to understand and deal with threats. Just to refresh your memory, here is Gartner’s take:

(Figure omitted. Source: Gartner)

As you can see, the first thing that malware does once it’s established on the network is call home –

Revealing the Long-Term Costs of Building an Advanced Cyber SOC

by Ben Kapon

posted at November 22, 2016

Aware of the dangers and probability of suffering a data breach, organizations are rethinking their security posture. They realize that the traditional prevention-based security model, based on signature-based perimeter tools, is no longer effective against advanced cyber threats. To avoid being the next victim of a high-profile data breach, organizations are seeking advanced and post-breach