Deepwatch

Enhance your cyber resilience through holistic security operations. Meet us at Black Hat 2024 to discuss. More to come 👉 https://deepwat.ch/4eIwYiY. #BlackHat2024 #Cybersecurity

Happy Independence Day! We wish everyone a fun and safe Fourth of July celebration! 🇺🇸 #IndependenceDay

🚨 Check out our latest Cyber Intelligence Brief, where our Deepwatch Adversary Tactics and Intelligence (ATI) team looks at new threats and techniques to deliver actionable intelligence for SecOps organizations. This week's Cyber Intelligence Digest ⤵️ ・SolarWinds Vulnerability Exploited ・Rafel RAT Targets Android ・UNC3886 Accesses VMs ・MOVEit Transfer Exploited ・BMANAGER Malware Emerges ・76 Organizations Added to Data Leak Sites Read now: https://deepwat.ch/3znJ7JZ #Cybersecurity #ThreatResearch #ThreatIntel

🚨 Advisory | PoCs Released for High Severity Vulnerability, CVE-2024-6387, in OpenSSH ⤵️ Several Proof of Concept exploits have been published for a recently announced OpenSSH vulnerability, tracked as CVE-2024-6387, elevating the potential for unauthenticated attackers to execute remote code. This can result in a complete system compromise, malware delivery, creation of backdoors, lateral movement, and the bypass of security mechanisms to obscure their activities and access to all data on the system. Read the full advisory and recommended actions curated by the Deepwatch Adversary Tactics & Intelligence team: https://deepwat.ch/4cOo7ut #Cybersecurity #ThreatIntel #SecOps

Deepwatch is excited to announce that John DiLullo has been appointed as chief executive officer! Succeeding Charlie Thomas, now serving as chairman of the Board of Directors, John brings immense experience and expertise to our organization, enabling Deepwatch to continue delivering world-class service to our customers. Welcome to the team, John! ➡️ Read the full press release here: https://deepwat.ch/4eNYDza #Cybersecurity #SecOps

Modern cybersecurity is currently dealing with an influx of tools, resulting in an influx of data storage and increased ingestion costs. As a security operations team, you may have responded to this challenge by reducing log volume - a short-term fix that ultimately increases security risk, moving data from one cloud to another - which becomes costly, or utilizing AI and ML models, which is still experimental and can become both risky and costly. We need a new strategy to combat the issue of data overload. In a recent discussion with CIO Influence, Neal Humphrey of Deepwatch discusses how an open security data architecture - that is, setting our security architecture across multiple data sets and locations that follow one cohesive data organization standard, allowing our security buckets to remain in their native cloud environments - reduces the cost burden of the current models for SIEM ingestion and storage. Read the full article here: https://deepwat.ch/3RO5RJk #Cybersecurity #SIEM

More from the Deepwatch Overwatch Podcast on YouTube: https://deepwat.ch/3VwgPVb #Cybersecurity #DeepwatchOverwatch

Great job GuidePoint Security - North Central team Doug Cummings III, Ben Walcker, David Durham, Hannah Detra and Bri Dietz on your annual golf outing. Well organized as always and awesome to see the growth in this market you are experiencing. Deepwatch is so proud of our long-standing relationship with GPS and where we are headed with you. Thanks to Ryan Petersen and Franklin Edwards for coming up to support this week. You boys are the best!

The SIEM market is consolidating fast. The rapid changes in the SIEM market, impacting 75% of top SIEMs and leaving only 25% untouched, highlight the need for flexible, future-proof security strategies. Wondering how you should respond? Consider transitioning your security operations to a model where your provider manages the tech stack, offering transparency and direct interaction with your data. An open security data architecture approach allows you to streamline your security operations, integrate new technologies, and maintain control over your data, regardless of the tools in play. By leveraging hyperautomation and scalable storage options, you can achieve effective and efficient modern security operations. #OSDA #Cybersecurity #SIEM

ICYMI: Deepwatch team members, Alan Reichner and Josh Servian shared some key insights on how organizations can effectively implement Splunk UI during last week's .conf. Check out the Github repository that can provide some helpful tips for setting up your Splunk UI development environment and a containerized testing environment for building out your first Splunk UI app, as well as some CI/CD tools for testing your app within Github using Splunk’s AppInspect. Access: https://deepwat.ch/45B4weM #Splunkconf2024 #SplunkUI