Before beginning any sort of threat hunt, it is important to consider the tools you are using. This...
In aprevious blog post, we announced the release of Open NRD from Stamus Networks - a set of threat...
This week’s guided threat hunting blog focuses on hunting for high-entropy NRD (newly registered...
Every day, new Internet domains are registered through the Domain Name System (DNS) as a natural...
Threat hunting is a common practice for many mature security organizations, but it can be time...
Recently, we released a blog post detailing how you can solve the Unit 42 Wireshark quiz for...
This blog describes how to solve the Unit 42 Wireshark quiz for January 2023 with SELKS instead of...
This blog describes the steps Stamus Networks customers may take to determine if any of your...
This week’s guided threat hunting blog focuses on verifying a policy enforcement of domain...
It is not uncommon to see executable file transfers within an organization. However, it is...
Punycode domains have traditionally been used by malware actors in phishing campaigns. These...
When you see a domain request from a user/client to a non-local or otherwise unfamiliar or...
This blog describes the steps Stamus Networks customers may take to determine if any of your...
Non-local domain requests from the user/client network could signal trouble for an organization....
DNS over HTTPS (DoH) is a network protocol used to protect the data and privacy of users by...
Plain text executables (such as those downloaded from a PowerShell user agent) are often seen on...
This week in our series on guided threat hunting, we are focusing on locating internal use of...
This week’s guided threat hunting blog focuses on hunting for foreign domain infrastructure usage...
This week’s guided threat hunting blog focuses on hunting for Let’s encrypt certificates that were...
In this week’s guided threat hunting blog, we will focus on hunting for Let’s Encrypt certificates...
In this week’s guided threat hunting blog, we focus on using Stamus Security Platform to identify...
In this week’s guided threat hunting blog, we focus on using Stamus Security Platform to uncover...
This week’s guided threat hunting blog focuses on a specific policy violation - the use of...
This week’s guided threat hunting blog focuses on policy violations; specifically, violations...
For week 2 of our series on guided threat hunting, we will be reviewing a hunting technique to...
So, what’s next? You’ve had a successful hunt, uncovered some type of threat or anomalous behavior...
In addition to deploying advanced detection technologies, many security teams make threat hunting...
Stamus Security Platform is loaded with features that help security teams leverage network traffic...
In this series of articles we share hands-on experience from active hunts in the real world. We...
In this series of articles, we explore a set of use cases that we have encountered in real-world...
Sometimes, even after extensive training, we forget about important features or ways of using a...
The importance of having a strong security team has been growing in recent years, and many...
When the blue team needs to mount a network defense, they must answer some very common questions:
- ...
Stamus Security Platform (SSP) helps bank identify threat to its accounting network
With the help...
In this series of articles, we explore a set of use cases that we have encountered in real-world...
Threat hunting—the proactive detection, isolation, and investigation of threats that often evade...
In this series of articles, we will explore a set of use cases that we have encountered in...
As mentioned in an earlier article, organizations seeking to identify cyber threats and mitigate...
Organizations seeking to proactively identify and respond to cyber threats in order to mitigate...
Hi!Yet another upgrade of our SELKS. We are very thankful to all the great Open Source projects and...
