Automating Alert Triage and Threat Hunting with SentinelOne + Intezer
One of the biggest pain points of cyber security teams is alert fatigue – trying to keep up with a tedious, never-ending...
Threat Hunting Rule Extraction and Use Cases
TL;DR: You can now extract IOCs and behavioral indicators into a hunting rule format for your endpoint security system. This enables you...
CrowdStrike + Intezer: Automation for Alert Triage and Threat Hunting
Intezer’s solution for CrowdStrike is powerful enough to function as a virtual Tier 1, allowing you to remove false positives and get...
Detection Rules for Lightning Framework (and How to Make Them With Osquery)
On 21 July, 2022, we released a blog post about a new malware called Lightning Framework. Lightning is a modular malware framework...
Autonomous SecOps: Your AI-Driven Tier 1 SOC Team
We are helping security teams go beyond individual file analysis to automate their entire Endpoint and Email alert triage processes with our...
Stay Ahead of the Latest Threats with Threat Family Tracking
TL;DR: You can now subscribe to threat actors/malware families in Intezer and receive notifications for new IoCs and detection opportunities. Staying...
SOC Level Up: Threat Hunting and Detection With Sigma
Sigma is a universal markup language for analyzing logs, which you can use to write threat hunting and detection rules for evolving...
How to Write YARA Rules That Minimize False Positives
Generate Advanced YARA Rules Based on Code Reuse. Incorporating YARA into daily security operations can accelerate incident response time, classify malware, empower...
Top Cyber Threats to the Manufacturing Sector
Manufacturers are building automated workflows for alert triage, incident response, and threat hunting to meet a rising volume of...
Automate Alert Triage and Response Tasks with Intezer EDR Connect
Integrate with SentinelOne, CrowdStrike, and Microsoft Defender. One of the biggest pain points of cyber security teams is alert fatigue – trying...
Security ROI: Time & Resource Savings for IR/SOC Teams
Automation can augment your security team to help you manage never-ending alerts, reduce skill gaps, and respond...
SOC Level Up: Introduction to Sigma Rules
Sigma rules are catching on more and more for SOC teams, as a way to write one rule that can be used...
Scale Incident Response with Detection Engineering: Intezer Detect & Hunt
Adversaries are highly motivated, constantly expanding and improving their tools and techniques. On the other side of the fight, security teams are...
Boost Your SOC Skills: How to Detect Good Apps Gone Bad
Threat actors have a wide range of tools and techniques they can use in cyber attacks including: malware-as-a-service, open-source tools and malware...
Detection Rules for Sysjoker (and How to Make Them With Osquery)
On January 11, 2022, we released a blog post on a new malware called SysJoker. SysJoker is a malware targeting Windows, macOS,...
The Role of Malware Analysis in Cybersecurity
Threat actors use malicious software to cause damage to individuals and organizations. Malware is the most common form of a cyberattack because...
ChinaZ Updates Toolkit by Introducing New, Undetected Malware
Introduction: ChinaZ is a Chinese cybercrime group and the author of several DDoS malware families. We have profiled this group in a previous...
PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers
Analysis by Intezer and IBM X-Force traces its origins to a Malware-as-a-Service (MaaS) provider utilized by the Cobalt Gang and FIN6 attack...