SafeBreach

Whether your organization opts for CTEM or another proactive security strategy, regular validation of security controls is crucial. BAS offers a unique perspective, allowing your team to test your security posture through the lens of a threat actor. Ready to learn more? Dive into our on-demand webinar: The Road to CTEM: How Breach & Attack Simulation Fuels a Continuous Threat Exposure Management Program. https://hubs.ly/Q02TpDgV0

New Coverage Alert - CISA and other authoring agencies have issued a new CERT Alert (AA24-290A) highlighting the use of password spraying and other techniques being used by Iranian threat actors to gain and maintain access to critical infrastructure entities. Existing SafeBreach customers do have coverage against the majority of the attacks highlighted in this CERT alert. Our playbook not only has extensive coverage of the TTPs and IOCs listed in this US CERT, but also has very extensive coverage of techniques being frequently used by Iranian threat groups. Stay tuned for our blog and additional CERT-specific coverage details soon. #BestinBAS #Iranianthreatactors #safebreach

What would happen if adversaries found a way to encrypt all of your sensitive data without encrypting a single file on your endpoints? What if this encryption could be achieved without a single malicious executable being present on the endpoint? Join us for a research presentation on November 20, 2024, at 9 am PT/12 pm ET. This research, first presented at Black Hat, highlights DoubleDrive - a fully undetectable cloud-based ransomware, different from all other public ransomware variants seen so far. It bypasses decoy file detection, Microsoft's Controlled Folder Access and OneDrive's ransomware detection. This talk will highlight: • Why we must avoid placing blind trust in any process or executables developed by trusted vendors. • How the next generation of ransomware attacks could be executed through legitimate cloud services. • Why security measures should be designed to prevent attackers from tampering with security settings, ensuring the protection of data and systems. Save your spot today: https://hubs.ly/Q02TpB_x0

See you at SINET tomorrow! Not going to be there? Don't worry, you can catch us at a number of events throughout the month. 😎

When this global financial services institution (FSI) approached SafeBreach, it was to address a significant issue with their internal alert chain. Notifications around potential malicious activity often weren’t delivered to incident responders or were delayed—sometimes for several hours—due to the complex pipeline of technologies the alerts traversed. With the SafeBreach platform, the FSI was able to address the alerting issue by identifying several issues and blind spots within the alert pipeline, including: • Delayed alert log collection and processing with the SIEM • Disrupted security alert ticketing processes • Missing intrusion detection system (IDS) packet telemetry • Missed digital certificate renewal deadlines • Disruptions to alerting system from firewall adjustments • Corruption of log forwarding • Exclusion of critical log information in the ticketing and alerting process From our Voices from Validate series, read the full story of how this FSI with more than $1 trillion in customer assets partnered with SafeBreach to regain confidence in their security tools and incident response processes. https://hubs.ly/Q02TpCL70

The SafeBreach team is everywhere this month! We’ve got plenty of options for ways to connect. Give us a shout in the comments if you'll be at any of these events. 👇 https://hubs.ly/Q02SSnS80

What exactly is Continuous Threat Exposure Management (CTEM)? This approach to cybersecurity, coined by Gartner, reorganizes existing proactive cybersecurity exercises into a more cohesive program. Learn more in our blog: https://hubs.ly/Q02SSnXH0

As adversaries enhance their level of sophistication, selecting the right endpoint detection and response (EDR) solution becomes increasingly critical. With so many options on the market, where do you begin and how do you level the playing field to accurately compare different solutions within your environment? Check out our on-demand webinar, where Steven Beasley, Global Enterprise Senior Security Architect at Olin, shares how to: • Create the criteria for choosing an EDR solution that aligns with your organization's security goals • Utilize breach and attack scenarios to challenge EDR solutions and assess their capabilities under controlled conditions • Leverage best practices to effectively execute testing, and • Clearly communicate results with the vendors being evaluated. https://hubs.ly/Q02SShR30

Heading to SecTor later this month? Make sure to stop by and see us at Booth 637 and don't miss out on Sr. Security Researcher Shmuel Cohen's briefing on Thursday, October 24 at 10:15! https://hubs.ly/Q02SQSdd0

As we reflect on the past year, we take a moment to grieve those who have been lost and honor the resilience and bravery of those who have carried on. We continue to stand behind our team in Israel, prioritizing the safety and well-being of them and their families. And we hold out hope for a future that is not defined by tragedy, but by hope and resilience.