Career Advice for Cybersecurity
It is not a secret that cybersecurity can be a very rewarding career path. Demand for cybersecurity professionals is at an all-time high, providing many job opportunities and excellent compensation. However, this is a complicated field that requires proficiency in diverse technologies and industry subjects. Today, I am sharing my thoughts on a few building blocks that may lead to a successful cybersecurity career.
Agile Decision Making in Cybersecurity
In today’s world of increasingly complex cyberwarfare, Security Operations Centers (SOCs) have to contend with an overload of cybersecurity indicators and their supporting information. Incident responders must make critical decisions with limited evidence and little time. Cyber Threat Intelligence and Threat Hunting are designed to offset these SOC process constraints with advanced levels of situational awareness and decision support.
Cyberwarfare in the Russian Assault Against Ukraine
On January 14th of 2022, the Security Service of Ukraine (SSU) stated that the country was the target of an ongoing “wave of hybrid warfare,” aiming to instill anxiety and undermine Ukrainian society’s confidence in the state’s ability to defend its citizens. The active cyber offensive by Russia against Ukraine began weeks before the Russian invasion on February 24.
PacketTotal – a Community Service for PCAP Analysis
PacketTotal is the world’s largest packet-capture (PCAP) analytic service with over 100,000 publicly shared PCAP samples. PacketTotal has been operated by Dynamite Analytics’ team since 2017 with thousands of network and cybersecurity professionals using it every month.
Log4Shell Survival Tips
The disclosure of the Log4j zero-day vulnerability, a.k.a. Log4Shell or CVE-2021-44228, at the end of 2021 set the cybersecurity world on fire. The vulnerability was characterized as one of the worst in history, as it provided an open door to millions of network devices using the popular open-source Log4j software. Within the days and weeks following the disclosure, the cybersecurity community made much progress in identifying and countering this threat.
PCAP Analytics Redefined with PacketTotal
Packet-capture (PCAP) files contain a complete copy of live network traffic and are essential for cybersecurity and network operations analysis. Unfortunately, PCAP datasets consume large amounts of storage, are technically complex and are notoriously difficult to data mine at scale. CISOs often overlook the packet-capture capability considering it a “nice-thing-to-have that we cannot afford.”
Zero Trust Architecture and Network Visibility
As our team at Dynamite Analytics recently released a major upgrade of our network sensor, Dynamite Agent, I was reflecting on the evolution of network security best practices from the aging Perimeter Security model to the emerging Zero Trust Architecture. Our efforts at Dynamite are largely focused on network visibility and traffic analysis, and it has been encouraging to see that our work has become essential for enforcing the tenets of Zero Trust.
Truths and Myths About Cybersecurity AI
The marketing messages of Artificial Intelligence software companies often create an aura of mystery and borderline confusion. The cybersecurity industry is a great example of such bewilderment, full of perplexing ideas and exaggerated claims. At the end of the day, a security organization must be able to see through the vendor smokescreen and make intelligent purchasing decisions.
Race Against Time in Ransomware Cyber Attacks
The Colonial Pipeline cyber-attack, leaving the US East Coast with a fuel-supply shortage, has been a somber reminder of the broad-scale impact caused by ransomware. Many organizations come to a terrifying admission that sooner or later they may be breached, and they will not catch the intrusion in time. Dwell time is becoming a buzzword in the age of ransomware, referring to the amount of time an attacker remains undetected inside the network. It is a key indicator of whether an organization can stop an attack before the damage is done.
Network Detection of Sophisticated Cyber Attacks
The major cybersecurity compromises like SolarWinds and MS Exchange Server have dominated the headlines for a good reason. These types of threats are very real, and the risk exposure keeps getting worse. Network Detection and Response (NDR) is emerging as one of the key defense mechanisms against such high-impact cyber campaigns.
Network Traffic Analysis and Cloud Security
Network traffic mirroring is a relatively new feature on major cloud platforms. As a result, Network Detection and Response (NDR) is now possible not only in on-premises environments, but also in the cloud. In this short OnDemand Webcast, Adam Pumphrey, Chief Operating Officer at Dynamite Analytics, will provide guidance on how to improve Cloud Security with NDR.
The Pyramid of Pain in the SolarWinds Cyber Attack
We just witnessed one of the most sophisticated cyber-attacks in history with the supply chain compromise of the SolarWinds software. This nation-state attack combined many unique adversarial techniques hidden under a trusted software update. In summary, this was a flawless campaign that successfully bypassed almost all information security controls. Every cybersecurity organization now faces a question – what to do next.
What is Network Metadata?
RESEARCH ARTICLE & VIDEO
Many cybersecurity vendors use the term network metadata without clearly defining what it is. Generally speaking, metadata is descriptive information about the data, or “data about the data.” Network metadata carries individual traits pertaining to the structure of network protocols and packets. Specifically, it represents telemetry of network connections and the artifacts associated with these connections.
Packet Acquisition in the Cloud
Network Detection and Response (NDR) starts with packet acquisition on the wire, also known as network traffic inspection. In this short OnDemand Webcast, Adam Pumphrey, Chief Operating Officer at Dynamite Analytics, will provide guidance on how to use network traffic inspection in Cloud Security.