Articles about threat detection

Cybersecurity benefits from being able to share information about threats in order to speed detection. In pursuit of this the Open Cybersecurity Schema Framework (OCSF) was launched last year by Splunk, Amazon Web Services (AWS), IBM and 15 other cybersecurity firms.

Today OCSF becomes generally available, delivering an open and extensible framework that organizations can integrate into any environment, application or solution to complement existing security standards and processes.

Continue reading →

Intelligence is now considered essential to the process of identifying, understanding and acting upon threats. According to the "Global Perspectives on Threat Intelligence" study conducted by Mandiant, 96 percent of decision-makers interviewed for the research believe that it is important to understand which cyber threat actors could be targeting their organization. Consequently, threat Intelligence should be fully integrated into the internal mechanisms linked to threat detection and response. 

Before detailing how intelligence can be integrated into defense tools, it is necessary to talk about the nature of intelligence, the complexity of collecting it, and how to curate, qualify and act on it in the most efficient way. Intelligence effectiveness depends on the contextualization of the elements collected in relation to a business’s specific environment. Once the qualified information is available and translated into specific formats and languages, it can then be used appropriately in detection tools, such as network detection probes, SIEMs, EDRs, etc. 

Continue reading →

Phishing attack volumes increased by 102 percent in the first quarter of 2023 according to a new report from email security and threat detection company Vade.

In the first quarter of this year Vade detected 562.4 million phishing emails, passing the previous quarter's total by 284.8 million. January accounted for the highest volume of phishing emails in Q1 with 488.5 million.

Continue reading →