Did you miss this? 🚨 Snowflake customer database instances are being targeted for data theft and extortion. To help defenders, we released a threat hunting guide with guidance and queries for detecting abnormal and malicious activity across Snowflake customer database instances. Read the guide: https://bit.ly/4cg0Gdw Read the blog post to uncover more findings: https://bit.ly/3xFbxia #Mandiant #Snowflake #ThreatHunting
Mandiant (part of Google Cloud)’s Post
🚨 Snowflake customer database instances are being targeted for data theft and extortion. To help defenders, we have released our Snowflake threat hunting guide, which contains guidance and queries for detecting abnormal and malicious activity across Snowflake customer database instances. Read the guide: https://bit.ly/4c3vrSY Read our blog post to uncover findings from our investigations into this threat campaign: https://bit.ly/4b6KUjC #Mandiant #Snowflake #ThreatHunting
-
Helpful guide for CISOs and their teams!
-
🚨 Snowflake customer database instances are being targeted for data theft and extortion. To help defenders, we have released our Snowflake threat hunting guide, which contains guidance and queries for detecting abnormal and malicious activity across Snowflake customer database instances. Read the guide: https://bit.ly/4c3vrSY Read our blog post to uncover findings from our investigations into this threat campaign: https://bit.ly/4b6KUjC #Mandiant #Snowflake #ThreatHunting Direct link: https://lnkd.in/eSn32WKa
-
Co-founder @ FourCore | Emulate the most imminent threats in minutes | Security Validation | Threat-informed defense
🌟Glimpses from our workshop at Data Security Council of India #AISS2023. The workshop was titled "Detection Engineering and Adversary Emulation". Swapnil A. focused on why it's important to detect behaviours, and how to test detections using adversary emulation. Going through the various methods threat actors steal credentials from browsers, how to build detections for these methods and a live threat hunting session using Splunk and FourCore ATTACK! #DetectionEngineering #AdversaryEmulation Hardik Manocha
-
Start now with Attack Detective to validate your detection stack in less than 300 seconds with an automatic read-only ATT&CK data audit to find blind spots in your log source coverage. https://lnkd.in/duWUn_d6 #threathunting #threatdetection #infosec
Attack Detective
my.socprime.com
-
set query_datetimescope_to = datetime(2024-04-30 18:22:00); SecurityEvent | where thanks goes to Blu Raven | summarize experience() Security investigations, threat hunting and detection engineering can't be done without a bit of typing! This was a great introduction to the power of KQL which is used in platforms like Sentinel and Microsoft Defender. Link in the comments if you'd like to try when new seats become available. 🔎 🔐 #KQL #security #analysis #siem #sentinel #defender
-
Go on the offense and hunt threats down before they become breaches. In this Sumo Logic blog, learn how threat hunting leverages data #analytics, machine learning, and threat intelligence to find potential issues automated threat detection might miss. #securityanalytics #poweroflogs
Blog: Why your security analytics needs proactive threat hunting
sumologic.com
-
Start now with Attack Detective to validate your detection stack in less than 300 seconds with an automatic read-only ATT&CK data audit to find blind spots in your log source coverage. https://lnkd.in/duWUn_d6
Attack Detective
my.socprime.com
-
Rely on Attack Detective to automatically scan your environment with custom parameters and dataset to determine the potential attack surface. Quickly filter the results and verify them in your Data Plane to remediate the threat in the least time possible.
Attack Detective
my.socprime.com