Datashield Partner Digest for the Week of June 18, 2020 - Analyzing the SOC Findings from RSA Conference 2020, Ransomware Returns With A New Twist via Mimecast, Vulnerability Management with PlexTrac Training Demo.
At Datashield, we pride ourselves on partnerships and are always looking for way to highlight what's new in the industry and with our partners. This helps us bring out the latest and greatest trends and key features for the services we use to bring you the best in MDR service.
Check out our latest partner updates:
Behind the Data: Analyzing the SOC Findings from RSA Conference 2020
12.7 billion packets captured, 88.3 million logs analyzed and 8.08 terabytes of data written to disk. These stats make up the RSA Conference (RSAC) 2020 Security Operations Center Findings Report.
The RSA Conference SOC team again deployed the RSA NetWitness® Platform as part of its array of tools, including the RSA NetWitness Logs, RSA NetWitness Network and RSA NetWitness Orchestrator components for evolved SIEM capabilities. With this tool, the RSAC SOC Team was able to collect all the raw network traffic from a switch port analyzer (the SPAN) from the Moscone Center network, add metadata and visually prioritize threats occurring in real time. With that in mind, let’s examine three key takeaways from this year’s findings report:
- Cleartext usernames and passwords
- Location data and mobile devices
- Know your vendor
Read more here.
Ransomware Returns With A New Twist: Pay Up or We'll Publish
Ransomware Attacks Have Become Larger And More Sophisticated—And Hackers Are Increasingly Stealing Sensitive Information And Threatening To Publish It Unless The Ransom Is Paid.
- More ransomware attacks are stealing sensitive information and extorting organizations with threats to leak it online.
- With more users working remotely during the COVID-19 pandemic, openings for hacking have multiplied.
- A combination of cybersecurity awareness training and technology can fortify your defenses.
Ransomware is a key element in the rise in cyberthreats surrounding the COVID-19 pandemic. And increasingly, hackers are not only locking up confidential data, but also threatening to publish it online unless the ransom is paid. A combination of awareness education, technology, and the right cybersecurity hygiene can be used to protect against the threat.
Read more here.
Vulnerability Management with PlexTrac Training Demo
Vulnerability Management is the process where identified IT vulnerabilities are evaluated. This evaluation leads to vulnerability scope and mitigation steps to reduce or eliminate the potential risk to the organization.
Demo Key Takeaways:
- What is Datashield's responsibility in a VM project? To provide a three phase MDR approach to potential vulnerabilities in a customer network.
- Three Phases to VM: Discovery, Reporting, and Lifecycle
- Discovery is the process of using a scanning tool like PlexTrac to identify where the vulnerabilities are and "replay threat exploits in a benign way".
- Reporting is where Datashield comes in and provides in-depth analysis in a digestible format for organizations to action on.
- Lifecycle Management or Remediation is where the organizations we are providing this information to are able to resolve or in some instances just notate the vulnerability for future remediation.
- Customers are able to login and see the alerts and reports that have been run in their environment
- Dashboard provide a snapshot of analytics that is trending over time, criticality level, and the status of each vulnerability
- Companies utilize Datashield because:
- We provide the infrastructure from a top-down approach
- PlexTrac has an easy-to-use single-pane-of-glass platform
- Saves time and money on operations setup
- Companies can leverage and manage their entire VM program for comprehensive coordination
- User management and timeline of events
- SIEM Integration Advantage
- Queryable for trending and alerting
- Can leverage rules for traffic analysis and spikes
- Can correlate threats with known vulnerabilities
See the full training here.