Sage Advice - Cybersecurity Blog

An Introduction to Cyber Threat Hunting

In order to keep up with the deluge of new cyber threats and malware attacks, cyber threat hunting is becoming more popular. Cybercriminals continue to get more adept at using techniques and building tools that make it extremely difficult for traditional signature-based technologies to detect them. So difficult, in fact, that it’s fairly common for an organization to not know an intrusion has occurred for days, weeks, or even months.

Topics: Threat Detection Tips, Log Analysis, Cyber Defense, Threat Hunting

Video: How a Log Analysis Service can Better Secure your Network

So, you’ve decided that you need to incorporate some sort of human intelligence into your log analysis methodology. But who? If you’re considering taking it on internally, it’s important to note that log analysis:

  1. Is a full-time job that requires focus and attention to detail;
  2. Can be a painstaking process; and
  3. Requires a high level of expertise and continuous training.

If you don’t have a dedicated security staff, this may seem like a tall order. Finding a partner, like Sage, helps you fill this void. Watch to learn how we can strengthen your security posture.

Topics: Log Analysis, Threat Detection Tips

Video: The Importance of Threat Intelligence in Detecting Network Threats

By joining forces to collaborate and share information, we stand a far better chance of beating back the bad guys. With threats continuously evolving, this is an ongoing and time-consuming responsibility. And if you’re not able to keep up to date with the latest threat intelligence, your network could be vulnerable.

Topics: Log Analysis, Threat Intelligence, Threat Detection Tips

Video: How Firewall Log Analysis Differs from Firewall Monitoring

It’s no secret that managing your firewall is an essential component of defending your network. Keeping up with the latest threats, plus deploying, upgrading, and patching, is no small or easy task. That’s why some organizations choose to contract with a third party to manage, and monitor, their firewall.

Topics: Log Analysis, Threat Detection Tips

Video: Why Human Intelligence is Essential for Consistent Data Breach Detection

A missing link in many log analysis methodologies is human intelligence. While automated techniques are necessary for securing your network, without a person who can dig into your log data to find the anomalies, you’re not going to be able to detect everything.

Topics: Log Analysis, Threat Detection Tips

Why Isn’t Antivirus Software Enough for Malware Detection?

Antivirus (AV) software is used to detect, contain, and in some cases eliminate, malicious software. Most AV software employs two techniques – signature-based recognition and behavior-based (heuristic) recognition. A common misconception is that AV software is 100% effective against malware intrusions.

Topics: Cyber Defense, Log Analysis, Threat Detection Tips

Cyber Threat Detection - 5 Keys to Log Analysis Success [infographic]

Hackers are inventing new and increasingly sophisticated ways to break into corporate information systems, and companies must respond with more effective ways to protect their vital corporate information systems, networks, and data. Among the most reliable, accurate, and proactive tools in the security arsenal are the event and audit logs created by network devices.

Log analysis is the key to cyber threat detection. Here are 5 key elements your log analysis program should include to ensure success!

Topics: Log Analysis, Threat Detection Tips, Cyber Defense

Video: Malware Detection: When Real-Time Alerts Fail

Signature-based detection is an important part of monitoring any network environment for potential threats. But it’s not enough for all types of malware detection. Take zero-day exploits as an example. In today’s threat environment, malware code variants are being introduced on a continuous basis. Because the malicious code hasn’t been added to various knowledge bases, it’s impossible for signature-based detection technologies – like intrusion detection systems (IDS), intrusion prevention systems (IPS), anti-malware software, anti-virus software, etc. – to trigger an alert. The truth is, hackers have access to these same tools, and are specifically designing their code to bypass them undetected.

Topics: Log Analysis, Threat Detection Tips

With Log Analysis It's All About The Base... and Context, too

You've heard the question, "If a tree falls in a forest and no one is around to hear it, does it make a sound?" Whether or not it does, the question as it pertains to cybersecurity and log analysis can be re-worded a bit: "If an event is created in your logs and no one is around to review it, does it create a problem?"

Topics: Log Analysis, Threat Detection Tips, Cyber Defense

Video: Why Monitor Log Events for Authorized Connections?

It is becoming increasingly common for organizations to rely on technology service providers to maintain and administer their network environment and for third-party vendors to routinely access their networks to fulfill their functional responsibilities. Whether it be an unintentional oversight or a targeted attempt to leverage protected information, risk exposures are often introduced via authorized connections. When analyzing network log events, it is essential for your organization to review approved administrative activity in order to ensure there is a legitimate business need driving the network change procedures.

Topics: Log Analysis, Threat Detection Tips