Can We Automate Threat Hunting?

Threat hunting has been primarily a playground for security experts to surface unknown threats. It is a proactive security approach where the hunt starts with a hypothesis about a hidden threat that may already be in the enterprise network. According to a 2017 survey on...

Deception Centric Defense Against Ransomware

Team Acalvio

It is estimated that in 2017, damages due to ransomware will exceed $5 billion.[8] When successful, ransomware can not only infect the endpoint, it can also spread across the network extending its exploit. The initial versions of ransomware like...

Don’t be a sitting duck. Make your BreadCrumbs & Lures Dynamic!

BreadCrumbs and Lures are critical components of any deception-based architecture. As the name suggests, breadcrumbs and lures help divert a threat actor (an individual or malware) to deception sensors. The moment the deception sensor gets tripped,...

Reflections on a conference…

This past week I’ve spent 30 hours in planes and countless more hanging around in security lines. I’ve been heated to the point of melting, tired to the point of sleeping while standing and stressed to the point of immobility (mostly my fault due to not getting all...

Technical Analysis of Petya

Acalvio Threat Research Labs

Petya is the most recent ransomware strain. It originated in Ukraine [1] and is spreading across Europe. This blog summarizes our technical analysis of Petya.

Technical Analysis

In addition to the encryption and ransomware...