NetWorks Group Blog

Modeling an effective threat detection and response program

Posted by NetWorks Group on Dec 19, 2017 10:35:41 AM

Modeling an effective threat detection and response program

Know Your Enemy

Read More

Topics: Managed Detection & Response, Information Security, Threat Hunting, Threat Management

Protect. Detect. Respond: The Case for Managed Detection and Response

Posted by NetWorks Group on Nov 27, 2017 10:49:18 AM

Cyber security is on the mind of every business executive in the world. Modern security challenges are not easy to fix or even identify, and despite some misleading advertising from vendors, there is no one-size-fits-all solution. We frequently observe large visibility gaps in existing security implementations, providing even obvious red flags to slip under the radar. Firewalls and traditional antivirus software are important, but only react to known threats. Too many organizations rely on passive preventative technology for network security. Good attackers employ stealth and polymorphic tools that defy signature-based detection, allowing them to bypass these technologies all together. We must assume that threats will get in, and no system is impenetrable.  

Read More

Topics: Security Monitoring, Managed Detection & Response, Information Security, Threat Hunting, Threat Management

Honeypots: Is This Thing On?

Posted by Nick Brigmon on Oct 30, 2017 10:19:48 AM

Honeypots once were a dying technology. In the age of generic anti-virus, a device that did not show immediate results wasn’t well received by most I.T. that had trouble understanding the security benefits behind the stealthy device. The truth of the matter is these honeypots are one of the most powerful internal detection mechanisms a network can have. A fully configured honeypot can help detect and stop a full blown internal attack.

Read More

Topics: Managed Detection & Response, Ethical Hacking, Threat Hunting, Threat Management

Threat Detection - Logs, Log Sources and Analysis Make All the Difference

Posted by Matt Warner on Oct 10, 2017 9:25:00 AM

Threat detection has grown to a complex and messy activity in organizations. Many utilize Security Information and Event Management systems which can play a critical role in today's enterprise.  In order to do their job, SIEMs depend on the logs generated by the enterprise's various systems. Sounds simple enough. However, in a typical Fortune 500 company scenario, an astounding amount of log data is generated. It's not at all unusual to see 10 Terabytes of plain text per month. Fact is, there can be hundreds, even thousands of sources of log data in the typical enterprise. Even small and medium sized businesses will be overwhelmed trying to collect, analyze, and store their log data. The questions are, then, “Can you collect AND analyze them all? Should you? Will the the infrastructure support storage and ongoing detection? Do you have the expertise in place to analyze logs and maintain the infrastructure to do so?”  

Read More

Topics: Security Monitoring, Managed Detection & Response, Information Security, Threat Hunting, Threat Management

Estimating Total Cost of Ownership of Your SIEM Deployment

Posted by Jyothish Varma on Aug 18, 2017 11:15:33 AM

Are you in the market exploring options for security log monitoring and management? If so, I’m sure you are inundated with requests for a meeting from various SIEM (Security Information and Event Management) vendors.

Read More

Topics: Security Monitoring, Managed Detection & Response, Information Security, Threat Hunting, Incident Response, Threat Management

VENOM - Xen, KVM, and QEMU Virtualization - High Vulnerability Advisory

Posted by NetWorks Group on May 13, 2015 10:24:00 AM

VENOM (Virtualized Environment Neglected Operations Manipulation)

If you are currently utilizing Xen, KVM or QEMU virtualization products you need to apply patches. VMware and Microsoft Hyper-V virtualization products are not affected.

Read More

Topics: Threat Hunting, Vulnerability Management, Threat Management, Threat Advisory

NetWorks Group is Hiring: Come Join Our Team!

Posted by NetWorks Group on May 6, 2013 9:17:00 AM

If you're a fan of delicious restaurants, awesome concert venues, Big 10 sports, or just a bike-friendly city, then you should probably be working with us in beautiful downtown Ann Arbor, Michigan. The team at NetWorks Group works at the corner of Main and Huron, a central-point to blocks of great places to shop, eat, and relax at. Located a short distance from the University of Michigan, NetWorks Group benefits from the feeling of both a college-town and an active business hub for southeastern Michigan. For a vibrant mixture of cultures, architecture, and activities, Ann Arbor is hard to beat!

Read More

Topics: Security Monitoring, Managed Detection & Response, Ethical Hacking, Device Management, Information Security, Threat Hunting, Vulnerability Management, Security Architecture Review, Compliance, Penetration Testing, Incident Response, Threat Management

Subscribe to our blog!