Stamus Networks Blog

We believe that sharing information is necessary to improve global security. The purpose of this blog is to share our experiences, perspectives and experiments.

Subscribe to our Blog

Blog /
Showing 66 results
of 66 items.
Reset All

Category

Uncovered with Stamus Security Platform: Tapped on the Shoulder

In this series of articles, we explore a set of use cases that we have encountered in real-world...

In the Trenches with NDR: NDR Discovers Crypto Wallet Stealer on U.S. University's Network

Tl:DR: A Large U.S. university lacked sufficient visibility into a large segment of its environment...

The Rise of Network Infrastructure Attacks and What to Do About Them

TL;DR: In recent months, CISA, MITRE, CVE.org, and others have announced critical vulnerabilities...

In the Trenches with NDR: K-12 School District Maximizes Visibility While Avoiding Alert Fatigue

TL;DR: An American school district needed to monitor over 5000 school-owned student devices, making...

In the Trenches with NDR: European MDR Designs Advanced NDR into Their Product Offering

TL;DR: A European managed security service provider seeking to launch an MDR service chose Stamus...

In the Trenches with NDR: European Financial Institution Achieves Greater Network Visibility

Network detection and response (NDR) is a critical component of a comprehensive cyber defense...

Software Release U39.1 now available from Stamus Networks

This week we announced that an important new software release Update 39.1 (or “U39.1”) for our...

Addressing Cloud-Related Threats with NDR: Key Takeaways from the 2023 PwC Cybersecurity Outlook Report

In an era of rapidly advancing technology and digital transformation, the realm of cybersecurity is...

Introducing Open NRD: Newly Registered Domain Threat Intel Feeds for Suricata

This article describes the details of the new Open NRD threat intelligence feeds provided by Stamus...

The Critical Role of NDR in Continuous Security Auditing

For a large organization, keeping track of numerous security systems or internal security policies...

Don't Take the Bait: Detect Whaling Phishing with Network Detection & Response

In our past series, “Threat! What Threats?” we covered the topic of phishing in a generic way, but...

Incorporating Newly-Registered Domains into Stamus Security Platform Workflow

Every day, new Internet domains are registered through the Domain Name System (DNS) as a natural...

Feature Spotlight: Declarations of Compromise™

One of the unique innovations in the Stamus Security Platform is the feature known as Declaration...

Proactive Defense: Achieving Optimal Results with Threat Detection and Response

Recently we have discussed the various use cases, benefits, and limitations of different threat...

Demystifying the Cyber Kill Chain: Understanding the Stages of a Cyber Attack

The cyber kill chain is a widely-used framework for tracking the stages of a cyber attack on an...

Proactive Defense: Exploring Network Detection and Response

Network security plays a crucial role in today's digital landscape as it safeguards sensitive...

Proactive Defense: Understanding Threat Detection & Response

Cyber threats are becoming increasingly sophisticated and pervasive, causing organizations to place...

How to Improve Threat Hunting with Organizational Context

Threat hunting is a common practice for many mature security organizations, but it can be time...

The Hidden Risks of False Positives: How to Prevent Alert Fatigue in Your Organization

Intrusion Detection Systems (IDS) can be powerful threat detection tools, but IDS users frequently...

Stop the leak! Detecting ChatGPT used as a channel for data exfiltration

In a recent conversation, one of our customers shared their concerns about the use of ChatGPT in...

Detecting Attacks Against CVE-2022-39952 (FortiNAC)

This blog describes the steps Stamus Networks customers may take to determine if any of your...

Harness the Power of Shared Threat Intelligence with MISP

When it comes to cyber threats, we understand that a threat to one organization can quickly become...

Cybersecurity Compliance for Financial Services: Can NDR Help?

Maintaining an effective security posture is difficult enough for any organization. But for those...

Weak Attack Signals Your Legacy IDS Will Miss: Unauthorized User Activity

When you already know the specific attacks faced by your organization, then the basic detection...

Weak Attack Signals Your Legacy IDS Will Miss: Anomalous Network Activity

Intrusion detection systems (IDS) function incredibly well when it comes to making signature based...

Detecting Attacks Against OpenSSL Vulnerabilities

This blog describes the steps Stamus Networks customers may take to determine if any of your...

Weak Attack Signals Your Legacy IDS Will Miss: Malware Beacons

Command-and-control (C2) attacks are bad news for any organization. Attackers use C2 servers to...

Weak Attack Signals Your Legacy IDS Will Miss: Homoglyphs

Intrusion detection systems (IDS) have proven to be a highly effective and commonly used method of...

Threats! What Threats? Penetration Tests and Stamus Security Platform

This week in our threat detection blog we are mixing things up and discussing an important  Stamus...

Threats! What Threats? Combatting Remote Access Trojans with Stamus Security Platform

This week’s threat detection blog dives deeper into a common type of malware, remote access trojans...

Threats! What Threats? Combatting Crypto Mining and Stamus Security Platform

In this week’s threat detection blog, we will be reviewing a financially-motivated threat that is...

Threats! What Threats? Uncovering Shadow IT with Stamus Security Platform

This week we are taking a closer look at Shadow IT, which is the use of information technology by...

Threats! What Threats? Detecting Phishing with Stamus Security Platform

Phishing is commonly regarded as the most common and effective way attackers can gain access into a...

Threats! What Threats? Command & Control and Stamus Security Platform

In this article, we will review one of the most important and critical  phases on the cyber kill...

Threats! What Threats? Malware Beacons and Stamus Security Platform

One of the first network-related indications of a botnet or peer-to-peer (P2P) malware infection is...

Threats! What Threats? Detecting Lateral Movement with Stamus Security Platform

In this article I want to highlight one of the tactics used by malicious actors to move within your...

Uncovered with Stamus Security Platform: Raiz0WorM

In this series of articles we share hands-on experience from active hunts in the real world. We...

A Bold New Approach to Network Detection and Response

Existing systems that aggregate network security alerts and metadata do not properly detect and...

Threats! What Threats?

We talk often about “threats” and “threat detection” in our marketing materials and in discussions...

Uncovered with Stamus Security Platform: Spyware Missed by EDR

In this series of articles, we explore a set of use cases that we have encountered in real-world...

Feature Spotlight: Host Insight Transformation with IDS Alert Metadata

In the previous article of the “Feature Spotlight” series, we discussed how to pivot from IDS alert...

Feature Spotlight: Pivot from IDS Alert Metadata to Signature Details

Sometimes, even after extensive training, we forget about important features or ways of using a...

Upgrading your IDS/IPS? Answer these 3 Key Questions First.

So, you are considering migrating your legacy or aging intrusion detection and prevention system...

XDR - eXtending Detection and Response to the Network

Extended detection and response, or XDR, has generated substantial interest in recent years - and...

Upcoming Webinar: The Case for Upgrading Your Network Defenses

On 16 November 2021, my colleague Ed Mohr and I will be giving our second talk entitled “The Case...

Webinar: The Case for Upgrading Your Network Defenses

On 12 October 2021, my colleague Ed Mohr and I will be giving a talk entitled “The Case for...

Uncovered with Stamus Security Platform: Danger in the Datacenter

When the blue team needs to mount a network defense, they must answer some very common questions:

  • ...

Detection Technology Truth-telling and a Focus on Results

In my last blog article, I introduced some of the factors that have contributed to our successes...

Much more than just another NDR Vendor

In cybersecurity as soon as you stand still, you’re falling behind. Change, whether it’s in the...

Uncovered with Stamus Security Platform: User Agents Tell the Story

Stamus Security Platform (SSP) helps bank identify threat to its accounting network

With the help...

Uncovered with Stamus Security Platform: Shadow IT

In this series of articles, we explore a set of use cases that we have encountered in real-world...

Stamus Security Platform meets TheHive Project

Recently, Stamus Networks introduced outgoing webhook capabilities to its Stamus Security Platform....

Stamus ND/NDR is Armed to Detect Stolen FireEye Red Team Tools

Yesterday, FireEye/Mandiant announced that a “highly sophisticated state-sponsored adversary stole...

Endpoint-Based and Network-Based Threat Hunting — Each Has its Strengths

Threat hunting—the proactive detection, isolation, and investigation of threats that often evade...

Uncovered with Stamus Security Platform: MoDi RAT

In this series of articles, we will explore a set of use cases that we have encountered in...

From Open Source IDS to Cyber Kill Chain to SOAR – My First Eight Weeks at Stamus Networks

Stamus Networks? They are the Suricata company aren’t they? And Suricata? It’s an open source IDS...

Why Context is Critical for Successful Network Detection and Response

As mentioned in an earlier article, organizations seeking to identify cyber threats and mitigate...

Is Network Traffic Analysis (NTA) dead in an age of Network Detection and Response (NDR)?

Organizations seeking to proactively identify and respond to cyber threats in order to mitigate...

Uncovering Critical Policy Compliance Violations in an Era of Remote Workforce

Sometimes the greatest vulnerabilities and risks an organization faces are created by users'...

Scirius Security Platform: The First Chapters in the Quest

Every great story begins with the first chapter. And with each new chapter the characters develop...

Scirius Enterprise Edition, Release 29

Following the release of Scirius Community Edition 2.0, Stamus Networks is happy to announce the...