Archives for October 2015

How one of SIEM’s out-of-the-box rules caught an intrusion and beyond

Blog by Randy Smith

Every year, organizations spend millions of frustrating hours and countless sums of money trying to reverse the damage done by malware attacks. The harm caused by malware can be astronomical, going well beyond intellectual property loss and huge fines levied for non-compliance. In 2014, the cost of malware attacks and resulting breaches was estimated at $491 billion. And these costs include more than just the money spent trying to directly respond to security breaches. Productivity, long-term profitability, and brand reputation are often severely impacted as well.

The malware threat is growing larger and becoming more challenging to respond to every year. It seems like every month there are more major breaches. Target, Neiman Marcus, and UPS have all been victims of costly breaches in the past couple years, with each event showing signs that the breaches could have been prevented. Phishing-based malware was the starting point 95 percent of the time in state-sponsored attacks, and 67 percent of the time in cyber-espionage attacks.

Can it happen to you?

It’s easy to shrug off the threat of malware and believe that the target will always be a retail organization or a huge brand name, that it will never be your organization. However, according to a 2015 Ponemon study, 80 percent of all organizations experience some form of Web-borne malware.  So don’t be lulled into a false sense of security: All industries are at risk, including the financial, health care, and government sectors you hear about in the news.

See entire blog

Sophos has announced a hardware refresh for all existing Sophos UTM Customers.  This is an awesome opportunity to upgrade to the new SG unit, and be able to enjoy the broader functionality in the latest software releases.

To find out more about the SG units, you can view our SG Series Appliances – Datasheet or give us a call.

As a reminder the UTM Series will be EOF June 2018 (Security Subscriptions)

The hardware promotion is only valid until December 31, 2015.

Leading U.S. Energy Company Selects HawkEye G for Next Generation Threat Detection and Response

Customer to be One of the Company’s Largest Deployments and Validates Comprehensive Approach to Securing Endpoints and Network

HANOVER, Md., Oct. 01, 2015 (GLOBE NEWSWIRE) — Hexis Cyber Solutions Inc. (Hexis), a wholly-owned subsidiary of The KEYW Holding Corporation (NASDAQ:KEYW), and a provider of advanced cybersecurity solutions for commercial companies and government agencies, today announced that one of the nation’s leading energy providers has selected HawkEye G for next generation threat detection and response. HawkEye G will be deployed across tens of thousands of endpoints in the customer’s environment.  This represents the first seven-figure deal for the recently released HawkEye G 3.0.

While companies across all verticals are susceptible to cyber-attacks, concern among energy companies is elevated considering the widespread implications a breach could have on critical infrastructure. Security teams increasingly understand that many traditional, signature-based security solutions are ineffective at stopping today’s stealthy attacks and many organizations continue to struggle with alert overload. Additionally, relying solely on manual response is no longer adequate and challenging to scale given the velocity of attacks combined with the security skills shortage.

“We know organizations are looking for increased enterprise visibility into advanced threats and incident response, and security teams are looking for better, faster ways to remove threats and reduce alert fatigue, not more manual tools,” said Chris Fedde, president, Hexis Cyber Solutions. “Companies need an integrated cyber defense solution that will protect endpoints and the network by delivering evidence-based detection, threat verification and automated response capabilities. The selection of HawkEye G by one of the largest energy companies in the U.S. is the latest validation of our HawkEye G 3.0 solution and our approach of integrated detection & automated response.”

The latest version for HawkEye G, released in April, includes improved behavior-based endpoint detection, proprietary technology called ThreatSync^TM for threat verification, and integration with leading third-party security technologies such as Palo Alto Networks and FireEye for detection and Splunk for increased threat intelligence. Increased confidence in detecting, verifying, and responding to threat alerts using HawkEye G empowers security teams to quickly and confidently defend themselves at machine speeds before damage is done.