Detection and response Archives

The Shape-Shifting Threat: How to Fight Polymorphic AI

AI is fundamentally changing how threats are created and detected. Polymorphic AI malware continuously modifies its code and evades detection by not writing to disk and running solely in memory. Even if its use is

Bash and Switch: Hijacking via Windows Subsystem for Linux

Windows Subsystem for Linux (WSL) is a feature in Windows that allows users to run a real Linux user space directly inside Windows, without needing a virtual machine or dual-boot setup. This feature is commonly

Closing Falcon EDR Gaps with Automated Delivery of New IOA Rules

Managing a threat-informed detection posture across your full security stack is no small task–even for large, leading-edge enterprise security teams. That’s why we’re excited to help our customers unlock the full potential of their CrowdStrike

The Analyst Who Cried Malware: Rethinking False Positives and Alert Fatigue

False positives aren’t just annoying. They’re corrosive. Every unnecessary alert chips away at the analyst’s attention span. Every poorly designed rule teaches the SOC to distrust its own tools. Every noisy detection makes it harder

SANS 2024 Detection and Response Survey – Transforming Cybersecurity Operations: AI, Automation, and Integration in Detection and Response

Download the SANS 2024 Detection and Response Survey to discover insights from cybersecurity professionals on navigating today’s detection and response challenges. Key findings include: