How do you evaluate Carbon Black Response partners when they all promise the same things? These 7 questions can help guide your assessment.
The SANS Institute recently published the results of its annual Endpoint Protection and Response survey through a report written by Lee Neely and advised by Alissa Torres. The report includes a number of statistics and a long list of takeaways, but the key findings it uncovered are: We have too many tools We have too many alerts Neither of these … Read More
Gartner estimates that 15% of organizations will be using managed detection and response (MDR) services by 2020, up from less than 5% today. For many buyers (including myself), past bad experiences can make it difficult to consider outsourcing critical components of your security program. Whether the experience was caused by poor service, ineffective product, or a vendor who did not … Read More
A lesson I learned early in my career is that technology professionals often inherit older problems. This is especially true of administrators responsible for network services and security because they inherit the biggest snowball of problems: an enterprise network. Networks often grow in ways that make them harder to secure and maintain as they age, and admins often implement new … Read More
Red Canary’s Cyber Incident Response Team (CIRT) is comprised of two groups: detection engineers and incident handlers. Our blog posts often focus on threats we detect, but it’s rare to get a glimpse of our incident handlers in action. This article will walk through a recent threat in a customer’s environment, from the initial discovery to the incident handling team’s … Read More
Data analysis (or as some call it, Threat Hunting) can be cumbersome and overwhelming at any scale. However, Splunk has the ability to greatly reduce this complexity. In the first part of our Carbon Black Response and Splunk series, we focused on retrieving your data from Carbon Black Response and getting it into Splunk. Now it’s time to take a … Read More
It’s Halloween—my favorite time of year. If you think about most scary movies, what is it that scares us most? I propose that the scary things, the really scary things, are the ones we can’t see. From the popular (and awesome) show Stranger Things to classics like Paranormal Activity, Predator, and Aliens, the evils we cannot see are often the most terrifying. … Read More