Google Chronicle and SnapAttack
DOWNLOAD NOW > What’s in this Datasheet? SnapAttack is an intelligence-driven threat detection platform that provides threat-specific detection rules and hunting searches, recommended based off of an organization’s unique threat profile, for teams to quickly and easily implement in Chronicle. DOWNLOAD >
Hunting Impacket: Part 1
Impacket Overview Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, ICMP, and even higher-level protocols like SMB, MSRPC, NetBIOS, and others.One of the key strengths […]
How to Measure Threat Hunting ROI
The Problem with Threat Hunting Metrics Threat hunting is a massive commitment of time, resources, team members, and technology. Any investment that impactful would normally be one that was carefully measured to ensure it was driving sufficient value for the team. The thing is, there’s no established benchmark of “success” in threat hunting. Measuring the […]
Creating Actionable Threat Intelligence for Threat Hunters
Ask any security leader and they’ll tell you actionable threat intelligence is the cornerstone of a successful, threat-informed security operations center (SOC). However, to be of any real value to the team, threat intelligence needs to be relevant, timely, and supportive of next steps for the teams that utilize it. Due to the sheer volume […]
SnapAttack ThreatLabs: How to Detect CVE-2023-46214
Authored by Trenton Tait Threat Researcher at SnapAttack Linkedin Table of Contents: Intro + Overview Exploitation Example MITRE Mitigations Conclusion Detections, Attack Captures, and Resources CVE-2023-46214 is identified as a Remote Code Execution (RCE) vulnerability within Splunk Enterprise, as reported in the Splunk security advisory SVD-2023-1104 on November 16, 2023. Successful exploitation of this vulnerability […]
Threat Management isn’t Fantasy Football
Get your access to the webinar recording: Duration: 58 minutes | Partnering webinar with: Google Cloud Security About the Webinar Find out how to build and operate a game-winning threat management strategy by aligning your team, automating cumbersome processes, and measuring the right metrics (the ones that matter to your unique SOC). Join us […]
Accelerate SOC Maturity with Threat Hunting
Table of Contents: What Is SOC Maturity? Why Is It Important? What Does a Mature SOC Look Like? What Holds Organizations Back from Threat Hunting? Threat Hunting Benefits: Why Is Threat Hunting Important for SOC Maturity? What Is SOC Maturity? Why Is It Important? SOC leaders who got their start in security 10 or 20 […]
Modernize Threat Intelligence: Datasheet
DOWNLOAD NOW > What’s in this Datasheet? Prioritization, specificity, and actionability are common challenges with threat intelligence. With SnapAttack, they aren’t – no matter your team’s skillset. DOWNLOAD >
Google Cloud Security Partnership
DOWNLOAD NOW > What’s in this Datasheet? With Mandiant Threat Intelligence baked right into the SnapAttack platform, plus direct integrations with all major SIEMs like Google Chronicle, SnapAttack brings a structured workflow and detection power to unsilo your teams and your tools so that you can get more from your Google Cloud Security investment. DOWNLOAD […]
Analyst Report: SnapAttack for Continuous Threat Exposure Management (CTEM)
DOWNLOAD NOW > Traditional vulnerability management programs are restricted to isolated, reactive security operations…and that’s not enough to keep modern enterprises protected. Amid an expansive and sophisticated attack surface, organizations have embraced proactive, holistic, efficient approaches to cybersecurity. They’re turning to approaches like Continuous Threat Exposure Management (CTEM): the continuous, automated model to proactive security […]