My friend Aamir Lakhani, AKA Dr. Chaos, posted this blog recently on his website, www.drchaos.com. The topic is combining big data analytics with software-defined networking to build anomaly-based detection and mitigation systems for internal networks.
In the blog, he discusses the reasons why traditional security doesn’t work and why innovations are necessary. He argues that in cases where cyber attacks leverage legitimate applications, protocols and user credentials to gain unauthorized access, traditional security protections prove useless.
However, using advanced analytics, along with modern security tools, security teams can identify anomalous behavior even if the attacker has valid credentials. The key is establishing baselines and running a sophisticated analysis of large data sets.
As he points out, “Data science experts will tell you that no matter how often an abnormal behavior occurs — whether it’s one hundred times or just once — it’s still abnormal behavior and can be categorized once a baseline is established.”
It’s a fantastic read and very provocative. It ties back into our firmly held belief at RiskIQ that innovative detection methods are going to be the best defense for organizations, their brands, and their customers in the modern world. RiskIQ also leverages large data sets and data analytics as inputs into our technology to manage external threats. It is a key factor in ensuring we provide accurate and timely data, which we strongly believe can make the difference in protecting an enterprise profile online.
Link to blog: http://www.drchaos.com/understanding-and-preventing-cyber-fraud-and-cyber-attacks-with-advanced-big-data-cyber-security-analytics/
Aamir Lakhani is a leading security architect. He is responsible for providing IT security solutions to major commercial and federal enterprise organizations.
Lakhani leads projects that implement security postures for Fortune 500 companies, healthcare providers, educational institutions, and financial, media and government organizations. Lakhani has designed offensive counter defense measures for defense and intelligence agencies and has assisted organizations in defending themselves from active strike-back attacks perpetrated by underground cyber groups. Lakhani is considered an industry leader in support of detailed architectural engagements and projects on topics related to cyber defense, mobile application threats, malware, Advanced Persistent Threat (APT) research and Dark Security. Lakhani is the author or contributor of several books and has appeared on National Public Radio as an expert on Cyber Security.