11 Nov

CVE-2015-2857: From Disclosure to Weaponization

in Blog, Perspectives

CVE-2015-2857 is a remote command execution vulnerability in Accellion’s Secure File Transfer Appliance (FTA). Niara was the first to detect this vulnerability being exploited in the wild, resulting in cyber criminals having near complete access to everything on the target appliance. The..

Read More
28 Oct

Avoiding the UBA Two Step

in Blog, Perspectives, Product

First-generation User Behavioral Analytics (UBA) (which I touched on in a previous blog) took a new look at the problem with identifying specific users associated with a threat (an early pioneer was “ArcSight IdentityView”). It introduced the idea of using those identities and log data to build..

Read More
21 Oct

Your Levenshtein distance module told you something was amiss. Now what?

in Blog, Perspectives, Technology

The widely used Levenshtein distance string metric, named after Russian scientist Vladimir Levenshtein who introduced this concept in 1965, has some interesting applications in cyber security.

Read More
14 Oct

Why Entities Matter: Don’t Get Stuck with Last Year’s UBA

in Blog, Perspectives, Technology

Gartner’s latest Market Guide on User Behavioral Analytics was published recently and SURPRISE! It’s not about user behavior analytics (UBA) anymore, but user and entity behavior analytics (UEBA). Avivah Litan outlines the reason for the change:

Read More
07 Oct

The Difference Between Anomalous and Malicious

in Blog, Perspectives

The security industry is in self-congratulatory mode over new capabilities such as User Behavior Analytics (UBA) and machine learning. Imagine that, software that can tell you that it is unusual for someone to access the general ledger at 2 a.m. for the first time.

Read More
29 Sep

Threat Advisory: XcodeGhost

in Blog, Perspectives

Niara's security analytics platform helps organizations detect attacks that have managed to bypass the perimeter and other traditional security infrastructure. Here’s a real-world example on how to detect a recent piece of malware you may have seen in the news called “XcodeGhost”.

Read More
23 Sep

Machine Learning: Providing a Much Needed Assist for Cyber Security

in Blog, Perspectives, Technology

I thought the Rise of the Machines article was a great read. It provided some important background about artificial intelligence and machine learning, its use by companies to solve complex problems and some emerging concerns. Having recently seen Ex Machina (a thought-provoking movie!), I feel..

Read More
16 Sep

Clearing the Air: How Machine Learning Can Enable Data-based Cyber Security

in Blog, Perspectives, Technology

There’s been some great excitement in the cyber security industry around machine learning, especially with anomaly detection and behavioral analytics. Despite the buzz, I have noticed more than a healthy dose of skepticism amongst security experts.

Read More
09 Sep

Security Analytics Done Right

in Blog, Lessons Learned, Perspectives, Technology

Given that multi-stage attacks are becoming commonplace, and that there are significant challenges in detecting these advanced threats, can security analytics effectively help with attack detection on the inside of the network? Yes it can, but only if you keep a few things in mind.

Read More
02 Sep

Security Analytics Myths and Realities

in Blog, Industry News, Perspectives, Technology

The hedgehog knows only one thing but the fox knows many things. – Archilochus, 700 BC

Read More
1 ...
3 4 5 6 7