From the report, “The fight to protect your company’s data isn’t for the faint of heart. As an embattled IT warrior, with more systems, apps, and users to support than ever before, keeping everything up and running is a battle in itself. When it comes to preventing the worst-case scenario from happening, you need all the help you can get, despite your super-hero status. That’s why we’ve developed this incident response guide. We’ve collected and curated decades of infosec war stories and intelligence — from across the galaxy — so that you’re better armed in the fight against cybercrime. You’ll have an insider’s perspective on how to build an incident response plan and team, and what tools and training you can use to arm those team members.”

Sonatype’s 4th annual report on managing open source components to accelerate innovation.

The goal of this white paper is to bring clarity to cyber threat intelligence. It explains the different categories of CTI and discusses some use cases to illustrate ways it can be applied and utilized to augment security teams’ efficiency and gain an edge over the attackers. Finally, it discusses CrowdStrike’s approach to threat intelligence.

This report offers insight into Ransomware and explains the growing threat that impacts enterprise security.

The purpose of this white paper is to help users understand how CrowdStrike ® uses ML to protect endpoints. To get there, we must first clarify what ML is and how it works. Then we will describe how Crowdstrike implements ML, specifically in the area of malware detection. Finally, we will discuss the benefits and limitations of applying ML in cybersecurity. In the end, the reader will get a better understanding of ML and how — when used correctly — it can help defend against cyber threats.

Based on extensive use of CrowdStrike’s next generation endpoint protection platform to detect and prevent sophisticated attacks against large organizations, CrowdStrike’s in house team of security experts, adversary hunters, intelligence analysts and incident responders have pooled their knowledge to produce this valuable guidebook and checklist for proactively enhancing your corporate information security procedures while avoiding common mistakes and pitfalls.

This brief whitepaper offers some thoughts on why endpoint security should move to the cloud.

This report offers a checklist for surviving a Cyber Attack.

This report discusses a key issue in a Malware-centric defense approach; it will leave you vulnerable to attacks that don’t leverage malware. Read on to learn more.

This paper presents the results of a survey that sought to understand how IT decision makers are thinking about the term “software supply chain attacks.”

This paper discuses a particular Business Email Compromise that has appeared out of Nigeria.

This research was conducted to understand the challenges and issues facing UK businesses right now in their fight against cybercrime including hacking, malicious attacks, and breaches, and to scope how organisations are using threat hunting to strengthen their defences.

This report offers an analysis of may of the significant cyber security events of 2017.

This white paper seeks to explore more fully how traditional AV has had its day, and how the principles of big data are now applicable to both detecting and preventing IT security threats.

Carbon Black adapts key sections from the SANS Buyer’s Guide for Endpoint Security and provides assistance for helping you assess your options.

This report from July of 2018 discusses China, Russia & North Korea Launching Sophisticated Espionage-Focused Cyberattacks.

From the report, “During the past six months, Carbon Black looked into the dark web to determine how cryptocurrency malware is being bought and sold, fostering a burgeoning economy designed to pilfer some of the most popular cryptocurrencies on the market.”

In this survey of 40 CISO’s from major financial institutions, revealed trends in lateral movement, counter incident response, integrity attacks and the most concerning threat actors organizations face.

From the report, “IT security leaders know their companies’ endpoints, PCs, and servers are continuously targeted by hackers. They also agree following best practices in endpoint security hygiene is instrumental in reducing cyber incidents. However, our 2017 survey of IT security leaders points to a situation where most are concerned about their actual practices in endpoint security hygiene. Fortunately, most also acknowledge they need to improve. When it comes to identifying their top priorities, IT security leaders are clear: they want to reduce the frequency and severity of data breaches; streamline regulatory compliance; and maintain business continuity. When it comes to identifying and executing upon the security hygiene best practices required to deliver on these priorities, things begin to get murky. Our 2017 survey of IT security leaders reveals a situation in which most respondents express concern about their security hygiene practices and waning confidence in the ability of existing tools to help them improve. Read on for more about what we learned, plus five recommended action items you can take today to address these issues.”

This report is part of a larger developing series, the aim of which is to apply a different approach to threat intelligence to identify a new threat actor and its previously unknown espionage campaigns; it also aims to link together campaigns that were assumed to be unrelated, or which were falsely attributed to other groups. We call this new project — and threat actor — The White Company in acknowledgement of the many elaborate measures the organization takes to whitewash all signs of its activity and evade attribution. The White Company consists of three reports. The first report tells the story of the overall campaign and presents forensic findings in a manner suitable for a general audience, including analyses of the technical and geopolitical considerations that enable readers to draw conclusions about the threat actors and understand the campaign in context. Two additional technical reports follow: One is focused on The White Company’s exploits, the other on its malware and infrastructure.

The purpose of this white paper is to introduce managed security services as a key strategy for evolving your business.