How Network Detection and Response Roots Out Top Security Threats
Cyberattacks continue to evolve and bombard organizations across all sectors. New and unknown risks arise all the time, exposing enterprises to more threats than ever before. In order to keep up with the constantly expanding threat surface, organizations need complete...
10 Things You Might Not Know About Network Detection and Response
Are you looking to learn more about Network Detection and Response? Here are the answers to some frequently asked questions we receive about NDR. Want to learn more? Contact us today to speak with a ThreatWarrior expert and see how an NDR...
How Unsupervised Neural Networks and Network Detection and Response Provide Direct Benefit to SOC and SecOps Teams
ThreatWarrior has developed a network detection and response (NDR) solution based on unsupervised neural networks. Our NDR implementation is made unique and valuable through a set of neural networking design principles. By utilizing unsupervised machine learning (ML),...
Unsupervised Neural Networks: A Big Step Forward From Today’s AI Implementations
AI has been employed within security products for decades. However, until fairly recently the vast majority of AI usage would have been predominantly underpinned by rule-based algorithms and Bayesian reasoning. In the last few years, many security solution providers...
The Rise of AI in Cybersecurity: A Primer on Machine Learning, Neural Networks, and Deep Learning
Artificial Intelligence (AI) is poised to transform the field of cybersecurity by enabling machines to work and learn like humans. However, many security leaders and practitioners are at the beginning phases of understanding how the AI in cybersecurity transformation...
How ThreatWarrior Contextual Insights™ Helps Stop Breaches
It’s no secret that as attackers become more sophisticated, they are increasingly able to evade security measures and infiltrate organizations through a growing number of attack vectors. From remote connections and IoT devices to legacy technologies and cloud...
Securing the Nation’s Critical Infrastructures
Recently, CRC Press published Securing the Nation’s Critical Infrastructures: A Guide for the 2021–2025 Administration. In it, ThreatWarrior's founder and CTO, Pete Slade, authored an essay along with Institute for Critical Infrastructure Technology (ICIT) Fellow Dave...
Top 5 Questions from CrowdStrike Fal.Con
Last week, ThreatWarrior attended Fal.Con 2022 live in Las Vegas to connect with cybersecurity insiders, discuss how we work with CrowdStrike to extend threat protection across the enterprise, and share why network detection and response (NDR) is critical to any...
Threat Hunting: Moving Beyond Detection and Response
In recent years, you’ve likely heard the term “threat hunting” buzzing around the cybersecurity industry. There are different ideas for what it means, different standards for what it takes to achieve, and different processes for what it looks like, though there are...
Ransomware Protection with ThreatWarrior
Ransomware is growing at an alarming rate -- up 150% in 2020 and spiking even higher in 2021, with more than half of infected businesses paying the ransom. (1) The list of high-profile ransomware attacks grows almost daily, affecting government agencies, critical...
DarkSide Ransomware and the Colonial Pipeline Attack
The Colonial Pipeline ransomware attack exposed long-standing vulnerabilities in U.S. cybersecurity: the government and private sector have struggled to work together to build more resilient defenses, and outdated security models have made it difficult for the federal...
National Supply Chain Integrity Month
The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI), the Department of Defense, and other partners to recognize April as National Supply Chain Integrity Month and promote a call to...
SolarWinds and Qualys Attacks: Why You Need Digital Supply Chain Protection
The SolarWinds attack was a pivotal moment for cybersecurity, proving that sophisticated threat actors could breach an organization through their trusted security supply chain. (1) The recent Qualys attack -- in which cybersecurity firm Qualys suffered a data breach...
Enhance Cybersecurity by Leveraging Google Packet Mirroring in ThreatWarrior
Many enterprises today are built on a hybrid or multi-cloud architecture, and the rising demand for cybersecurity solutions that can protect these cloud infrastructures has grown exponentially. However, some vendors still focus security efforts only on certain...
Unsupervised Neural Networks Explained: What Are They and How Do They Work?
We’ve all heard the buzzwords – artificial intelligence, machine learning, supervised and unsupervised neural networks, network detection and response, etc. – flying around the tech industry. In the world of IT, there’s never a shortage of these buzzwords, but they’re...
ThreatWarrior: Design Principles
At ThreatWarrior, we often collaborate on key projects. One that requires us to be aligned internally is our thinking on the core elements of our product strategy, or our design principles. First and foremost, everything we do as a company has one bottom-line...
Continuous Deep Packet Inspection vs. Traditional Packet Capture: What’s the difference?
What is Continuous Deep Packet Inspection? Continuous deep packet inspection (DPI) is a powerful technique for inspecting and filtering network traffic. DPI evaluates the packet header and contents in order to identify malware and classify traffic by application...
Cybersecurity & Network Detection and Response in the Age of Connected Things
Cyberattacks involving Internet of Things (IoT) devices are surging at an unprecedented rate. Our hyper-connectivity and reliance on IoT devices provide myriad conveniences, but they also create cybersecurity blind spots across consumer markets and enterprises. IoT...
Deconstructing Vendor AI Exaggerations
Artificial intelligence and machine learning are guiding research, accelerating product development, improving security and more across numerous industries including our nation’s most critical infrastructures. However, many vendors camouflage true capabilities through...
Cyberspace Solarium Commission Recommends US Cybersecurity Overhaul
The Cyberspace Solarium Commission (CSC) has released a report that suggests US cybersecurity policy is in need of drastic changes. The 182-page report is the result of a yearlong congressional study led by a bipartisan group of lawmakers. It calls for a policy...
Breach Blog: NASA’s Jet Propulsion Laboratory (JPL)
In 2018, NASA’s Jet Propulsion Lab (JPL) — a federally-funded research and development center that manages multiple deep space missions for NASA — was breached by hackers using a cheap, build-it-yourself Raspberry Pi computer. But that’s just the tip of the iceberg....
Breach Blog: The Texas Ransomware Attack
Prep your systems and local governments. 2019 is the year of government-targeted ransomware. At least 22 Texas towns were recently hit by a malicious, coordinated ransomware attack – the first of its kind to hit the public sector. It’s unclear at this time how the...
Small Business, Big Target: Does My SMB Need Cybersecurity?
Small and midsized business owners are obviously aware of the threat of cyber attacks. You read about them in newspapers or hear about them on news reports. Everyone knows about the attacks on big companies including Yahoo, eBay, Equifax, Target Stores, JP Morgan...
Different Cybersecurity Frameworks
There are numerous challenges to building and managing an information security program. Organizations need to comply with industry regulations, state directives and even international statutes in some cases. Cybersecurity frameworks offer a way to address your cyber...
Zero-Day Attacks Explained
Zero-day attacks… an almost-menacing, militant-sounding term. Zero-day attacks (or zero-day exploits) are actually cyberattacks that take advantage of previously-unknown vulnerabilities in software. Zero-days are called so because the vulnerabilities are exploited...
Insider Threats
The Russian cyber attack on the 2016 Presidential Election has brought cybersecurity to the forefront. Regardless of which industry you’re in, that attack made it abundantly clear we’re all at risk of cyber breaches. But don’t kid yourself – it isn’t just foreign...
Cybersecurity and Our Critical Infrastructure
The nation’s infrastructure is vulnerable to cyberattacks. We know this because a successful, prolonged (the attacks began as early as March 2016) cyberattack was discovered this year. In March 2018, the United States Department of Homeland Security (DHS) and the...
National Cybersecurity Awareness Month
If you own an internet-connected device and like to surf the web, awareness of how you can protect yourself from cyber-attacks should already be a paramount issue. However, if you have not been the victim of a hack or a phishing expedition, you may think cybersecurity...
Phishing Explained: Don’t Get Hooked
If you have an email account, it’s likely you’ve experienced a phishing attack. Simply put, a phishing attack is when a person with nefarious intent sends you an email that appears to be from a company or person you know. The text of the email often warns that there...
Advanced Persistent Threats – What Are They?
There are different levels of threat concerning cybersecurity. Sophisticated, prolonged attacks (usually carried out by a nation-state, organized criminal element, rival corporations with the intent of spying on your business, or terrorists) are referred to as...
Malware, Ransomware, Virus… What’s the Difference?
Like it or not, cyberspace is full of cybercrime. Hackers keep finding novel ways to take advantage of security flaws and breach organizations. Common weapons these cyber actors use include malware and viruses, and a widely-used technique for network infiltration is...
Cybersecurity or Cyber Security: One Word or Two?
Everyone knows the term “security” has evolved past the routine protection of the home or a person’s physical property. We’re also all aware that the word “cyber” is front and center in the realm of Information Technology. Information security is now a...
Software Agents: A Partial Solution to Cybersecurity Threats
When we entered the world of cybersecurity a couple of years ago, we considered software agents as a method of delivery for our solution. However, we quickly rejected this approach for a number of reasons and we believe it’s an unsuitable technique for effective cyber...
Claims of AI in Cybersecurity Are Highly Exaggerated
Artificial intelligence is an exciting and innovative technology. Cybersecurity is technology’s biggest problem, so it’s natural to apply the former to the latter. It’s also natural, then, that every cybersecurity company claims to use AI. However, most of those...
Threats are Evolving, Your Cybersecurity Should Too
With today’s rapid technological advances, cybercriminals’ tactics are growing more sophisticated and the threats are rising in complexity. Cyber agents are breaching firewalls and committing espionage with an increasing ability to avoid detection. It seems that each...
Hackers Exploiting an Open Door Policy at Equifax
It’s currently unknown how long hackers were in Equifax’s systems before they were detected, or if the ones discovered were the only ones that took advantage of Equifax’s open door policy. What we do know is that they (and potentially others) possibly lived within the...
What the Hack is Going on with Equifax?
On the cyber frontier, more than 143 million Americans were just hit by a digital disaster, this one in the form of a successful hack against Equifax. Equifax is one of three credit reporting agencies, Experian and TransUnion being the others. They provide credit...
The State of Cybersecurity
We’ve had tremendous feedback since we announced ThreatWarrior™, and we appreciate all the kind emails and comments that have poured in. In a previous blog post, I mentioned that with the creation of ThreatWarrior™, ThreatWarrior felt compelled to assist in the...
Future of Cybersecurity: ThreatWarrior
Like many others (and probably most of you reading this), over the last year, we’ve observed a significant increase in the number of cyber attacks and a growing diversity in cyber threat type. What’s more, cyber attacks don’t discriminate – commercial industries and...
Get Girls Into Science Technology and Math (STEM) and Save The World
Study after study shows the myriad ways girls are systematically discouraged from pursuing science, technology, engineering, and math (STEM) subjects. Teachers, parents, and peers, often unconsciously or subtly (sometimes not so subtly), persuade girls that STEM...