Impacket Detection – Part II: Detecting Impacket Attacks with Trovent MDR
Find out how Trovent MDR's rule-based detection engine can be used to detect Impacket attacks.
Impacket Attack Detection: Introducing Yet Another ETW Tracing Tool
Our Trovent Security Research Team developed its own ETW tracing tool. We’ll explain how YAETWi makes life easier for malware analysts and pentesting experts.
Application Control as a Security Measure: How to Avoid Dangerous Configuration Errors
Restricting applications is an important IT protection measure. You must take this into account when configuring application controls.
How Can C2 Traffic Be Detected in Regular IMAP Data Traffic?
Does the command and control traffic of an attack transmitted via IMAP remain "invisible"? Or can a purpose-built IMAP C2 agent be detected? Our Trovent Security Research Team tested this specific scenario.
Rising costs: Is cyber insurance still worthwhile?
Insurers are becoming increasingly strict and expensive when it comes to cyber insurance. These are the reasons. And here's how you can react to save costs.
ISO 27001: The right way to deal with technical vulnerabilities
Vulnerability management, catalog of measures, processes, tools, etc.: How can the requirements of the old and adapted ISO 27001 be met with regard to technical vulnerabilities? We answer the most important questions for companies.
Comparing Detection Results with Microsoft365 Defender
Our objective: Comparing detection results from our EAGLE system with Microsoft365 Defender. And since the environments we typically work in are hybrid IT environments, consisting of both cloud and on-premise infrastructure, we wanted to make sure to include on-premise Windows machines in our testing process.
Vulnerability management in critical infrastructure
Vulnerability management in critical infrastructure - practical experience from the tank storage industry. To manage risks, you need to know your attack surface in the IT and OT infrastructure. Vulnerability management in critical infrastructure is therefore essential.
Tired of Slow, Manual Logstash Syntax Checking?
In order to accelerate the process of writing log parsers in Logstash, we set out to develop our own Logstash syntax checking tool. This blog article outlines how the syntax checker works and explains how this does not interfere with Logstash’s real-time pipelining capability.
Reducing the attack surface through vulnerability management
If we have to assume that the human vulnerability will be exploited sooner or later, the underlying IT infrastructure must be hardened accordingly and the attack surface consistently reduced.