Exabeam News Wrap-up – Week of August 8, 2022
We’ll be regularly bringing you a summary of Exabeam’s key topics and headlines. Stay up to date with the Exabeam News Wrap-up!
Jeannie Warner, director of product marketing at Exabeam, sees the recent Twilio breach as a cautionary tale about the dangers of phishing:
“There are many public and commercial data providers that offer blacklisting services or databases for potential phishing domains/URL lookups. However, like any signature-based approach, newly-crafted phishing URLs cannot be identified this way. New machine learning approaches can actually flag a suspicious phishing URL previously unknown to blacklist data providers and should be considered by frequently targeted industries, such as technology and communications providers. Innovative organizations need a modern approach to securing their environments in order to spot these types of attacks quickly. To help achieve this, machine learning-powered SIEM, automated investigation and response tools, and UEBA technology should absolutely be part of their security stack.”
At enterprises today, cybersecurity teams are narrowly focused on addressing exploits. In addition to monitoring security alerts and incident data, security teams scan technology company news and software releases for information about new vulnerabilities that need to be patched. At the same time, they’re likely paying experts to monitor online criminal marketplaces to understand the latest threats that are being productized and weaponized. All of this data helps these experts quickly evolve their strategies and reduce their company’s attack surface.
This model, unfortunately, is broken. It’s more than likely that the adversary is already hiding within the network, and equally as likely that they got in with stolen, now compromised, credentials.
Red teams include many roles ranging from penetration testers to attackers and exploit developers. These roles attract most of the buzz, and the many certifications revolving around these roles (OSCP, OSEP, CEH) make them seem fancy. Movies usually make hackers the heroes, while typically ignoring the defending side, the complexities and challenges of blue teamers’ roles are far less known.
While blue teams’ defending roles might not sound as fancy and gather little to no buzz, they include essential and diverse titles that cover exciting and challenging functions and, finally, pay well. In fact, Hollywood should look into it!
In honor of the XDR Alliance’s one-year anniversary, the Alliance has announced its Common Information Model (CIM), which provides the broader cybersecurity industry with a common foundation for understanding, normalizing, getting deeper visibility into, and enriching log data across technologies to provide organizations with simplified integration and a more holistic picture of their environments.
We have announced the upcoming date for our fifth annual users’ conference, Spotlight22, which will take place in person and be broadcast worldwide to Exabeam global customers, partners, and employees live from the NASDAQ MarketSite in New York on Oct. 17, 2022. Attendees will see and experience the latest security information and event management (SIEM) and behavioral analytics product innovations.
Help select Exabeam CMO Sherry Lowe’s talk, “Breaking Cyber Ceiling — The Path to the C-Suite,” for a speaking slot at SXSW.
Sherry has experienced firsthand how tough it can be for women to find their way to the C-suite in marketing — but she knows what the rewards for the industry could be if more women get on the path to the boardroom. In her talk, she plans to highlight how diversifying leadership in marketing or any field will benefit an organization in terms of recruitment, sales and future company success.
Stay tuned for the next issue of the Exabeam News Wrap-up!
GUIDE: 5 Ways Exabeam Helps Eliminate Compromised Credential Blindspots
Stolen credentials are a persistent problem that many organizations have yet to effectively solve. Frequently, credential-stuffing attacks occur wherein a threat actor successfully steals credentials, logs in to the environment, and moves laterally to gain higher-level access. All activities have a singular focus: to access private data or high-value assets. The MITRE ATT&CK knowledge base provides information about tactics, techniques, and procedures (TTPs) used by threat actors that can help security teams build stronger security processes.
This guide will show you five ways to leverage Exabeam’s machine learning-powered solution to detect these activities through analytics, including mapping the activities to the MITRE ATT&CK framework.
Exabeam News Wrap-up – Week of September 19, 2022
Exabeam News Wrap-up – Week of September 12, 2022
Subscribe today and we'll send our latest blog posts right to your inbox, so you can stay ahead of the cybercriminals and defend your organization.
See a world-class SIEM solution in action
Most reported breaches involved lost or stolen credentials. How can you keep pace?
Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.
Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.
Get a demo today!