8 matches found
Accelerating detection engineering using AI-assisted synthetic attack logs generation
In this article 1. Core Idea: From TTPs to Logs 2. Approaches for Synthetic Attack Log Generation 3. Evaluation Datasets 4. References 5. Learn more Logs and telemetry are the foundation of modern cybersecurity. They enable threat detection, incident response, forensic investigation, and complian...
Event-Driven Temporal Graph Networks for Asynchronous Multi-Agent Cyber Defense in NetForge_RL
The transition of Multi-Agent Reinforcement Learning MARL policies from simulated cyber wargames to operational Security Operations Centers SOCs is fundamentally bottlenecked by the Sim2Real gap. Legacy simulators abstract away network protocol physics, rely on synchronous ticks, and provide clea...
Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack
The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available packages, targeting developer environments, continuous integration and continuous delivery CI/CD...
Threat Intelligence Sweeping now supports container security telemetry data
Threat Intelligence Sweeping starts to support sweep container security telemetry data. Users can now use the TI tool to identify possible malicious activity in their container-based environments. The trigger events are visible in workbench alert...
Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM
Command Your Attack Surface with a next-gen SIEM built for the Cloud First Era Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM. In a crowded and constantly changing space, this is our sixth time to be recognized in the report...
New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks
Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence AI tool dubbed FraudGPT on various dark web marketplaces and Telegram channels. "This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear...
What makes a good "DNS Blacklist"? - Part 1
Reflections on Modern Actionable Threat Intelligence used to turn a DNS Resolver into a Critical Security Tool Akamai has just launched the Enterprise Threat Protection ETP platform. ETP is built on Akamai's global AnswerX Cloud that now reaches 28 countries and is expanding to new countries ever...
Open Source OpenSOC Security Analytics Framework Released
Cisco announced today that it has made available through open source a framework that integrates data analytics tools into security operations. “The OpenSOC framework helps organizations make big data part of their technical security strategy by providing a platform for the application of anomaly...