Mandiant (part of Google Cloud)’s Post

🚨 Snowflake customer database instances are being targeted for data theft and extortion. To help defenders, we have released our Snowflake threat hunting guide, which contains guidance and queries for detecting abnormal and malicious activity across Snowflake customer database instances. Read the guide: https://bit.ly/4c3vrSY Read our blog post to uncover findings from our investigations into this threat campaign: https://bit.ly/4b6KUjC #Mandiant #Snowflake #ThreatHunting

Helpful guide for CISOs and their teams!

🚨 Snowflake customer database instances are being targeted for data theft and extortion. To help defenders, we have released our Snowflake threat hunting guide, which contains guidance and queries for detecting abnormal and malicious activity across Snowflake customer database instances. Read the guide: https://bit.ly/4c3vrSY Read our blog post to uncover findings from our investigations into this threat campaign: https://bit.ly/4b6KUjC #Mandiant #Snowflake #ThreatHunting Direct link: https://lnkd.in/eSn32WKa

🌟Glimpses from our workshop at Data Security Council of India #AISS2023. The workshop was titled "Detection Engineering and Adversary Emulation". Swapnil A. focused on why it's important to detect behaviours, and how to test detections using adversary emulation. Going through the various methods threat actors steal credentials from browsers, how to build detections for these methods and a live threat hunting session using Splunk and FourCore ATTACK! #DetectionEngineering #AdversaryEmulation Hardik Manocha

Start now with Attack Detective to validate your detection stack in less than 300 seconds with an automatic read-only ATT&CK data audit to find blind spots in your log source coverage. https://lnkd.in/duWUn_d6 #threathunting #threatdetection #infosec

set query_datetimescope_to = datetime(2024-04-30 18:22:00); SecurityEvent | where thanks goes to Blu Raven | summarize experience() Security investigations, threat hunting and detection engineering can't be done without a bit of typing! This was a great introduction to the power of KQL which is used in platforms like Sentinel and Microsoft Defender. Link in the comments if you'd like to try when new seats become available. 🔎 🔐 #KQL #security #analysis #siem #sentinel #defender

Go on the offense and hunt threats down before they become breaches. In this Sumo Logic blog, learn how threat hunting leverages data #analytics, machine learning, and threat intelligence to find potential issues automated threat detection might miss. #securityanalytics #poweroflogs

Start now with Attack Detective to validate your detection stack in less than 300 seconds with an automatic read-only ATT&CK data audit to find blind spots in your log source coverage. https://lnkd.in/duWUn_d6

Start now with Attack Detective to validate your detection stack in less than 300 seconds with an automatic read-only ATT&CK data audit to find blind spots in your log source coverage. https://lnkd.in/duWUn_d6

Rely on Attack Detective to automatically scan your environment with custom parameters and dataset to determine the potential attack surface. Quickly filter the results and verify them in your Data Plane to remediate the threat in the least time possible.