The Central Texas IT Guy

Web Development Austin, SEO Austin, Austin Search Engine Marketing, Internet Marketing Austin, Web Design Austin, Roundrock Web Design, IT Support Central Texas, Social Media Central Texas

Tag: cyber threat

Simple Guide To Threat Detection & Response

By

On November 25, 2020

In Security

What Is Threat Detection & Response (TDR)?

Threat detection & response is an application of big data analytics, where data analysis is conducted across large and disparate data sets to find anomalies, their threat level and response actions required to tackle these anomalies. TDR facilitates security professionals to detect and neutralize attacks before they can cause a breach.

What Is The Need For TDR?

Following are some reasons that emphasize on the requirement of TDR:

  • The large amount of data has made it difficult for cyber security teams to investigate and act on cyber attacks across widespread networks and operating environments in an effective and efficient manner.
  • The cyber threats have become more evolved and stealthier. They implement advanced evasion techniques such as making use of native OS tools. These techniques enable them to infect the systems without alerting the cyber security team.
  • Cyber attacks are directed by human operators, who are efficient in testing and adapting different pathways, if encountered by an obstacle. Thus, once inside the network, they are highly efficient in surpassing security systems.

In these circumstances, TDR helps in forming strong line of defense in layered next-generation security system.

  • The analysts and threat detectors uncover the attacks by looking for suspicious events, anomalies and patterns in regular activity. These anomalies are then tested to see if they involve malicious agents.
  • The human insight is coupled with AI technologies such as AI-guided detection. This makes it easier to analyze a large amount of data in a short period and efficient manner.
  • The TDR system does not only find the hidden threats, but also works towards finding a response to neutralize it.

What Is TDR Framework?

The TDR framework consists of four pillars:

  • Observe: What do you see in the raw data?
  • Orient: What is the context or how does it map against existing attack TTPs (tactics, techniques and protocols)?
  • Decide: Is it malicious, suspicious or benign?
  • Act: Mitigate, neutralize and re-enter the analysis loop

What Are The Components Of TDR?

TDR has five core components:

  • Prevention: Effective prevention requires the knowledge about the location of critical data and computational resources over the network. It involves effective and regular configuration of technology and access controls. Maintaining efficient prevention techniques reduces the number of security alerts generated on a daily basis.
  • Collecting Security Events, Alerts And Detections: Security data may be collected and reviewed by adopting any of these methods; Event-centric, Threat-centric, or Hybrid.
  • Prioritizing Signals That Matter: Once the events are detected, it is important to prioritize them to find actual threats. Apply well-managed security filters to separate security incidents from event logs.
  • Investigation: After isolating the key signals, measure them against industry frameworks and models for further investigation. The aim of the investigation is to check if the signal is indicative of an actual attack and where does it fall in the attack sequence.
  • Action: This involves identifying and implementing relevant response for containing the threats.

For more information on threat detection & response, contact Centex Technologies at (254) 213 – 4740.

Ticket & Travel Scams

By

On September 17, 2018

In Security

It often seems easy and convenient to make ticket bookings and hotel reservations online. However one has to be highly cautious while doing so to avoid falling prey to a cyber fraud. Since ticket & travel scams are quite common these days, it is important to be vigilant in order to stay protected from numerous travel websites which are tricking people by selling fake tickets.

Here are some most common ways in which a ticket and travel scam is done:

  • Free Or Discounted Vacation – The victim is often sent an email with a congratulatory message that they have won a vacation travel & stay for free or at a discounted rate but they will be required to pay a small fee or provide their credit card details in order to claim the offer.
  • Vacation Ticket Re-Sell Scam – Sometimes the victim falls prey to an ad posted by someone who claims to have purchased a ticket but wishes to re-sell it due to inability to go for the trip because of some personal reasons. Thus, the victim is fooled by an offer of getting tickets at a much lower fare.
  • Location Scam – Fraudsters post an ad of a vacation rental or hotel and when an interested person clicks on it to make the bookings, they are often asked for some security deposit or sometimes even the full amount. However, all their excitement and zeal to spend a perfect vacation goes off when they reach the booked destination and find that no such place exists and that they have been scammed.

Tips To Avoid The Scam:

  • Be Cautious – Look out for hints while scrolling through a website. Most likely a website that does not have an about and contact page would be a scam site. Also check that the URL has ‘https’ to make sure that it is a secure website.
  • Check Reviews Online – To know if the website is safe to use or not, make sure that you check their social media profiles, reviews, blog posts etc. because it is highly unlikely for a fake website to put in efforts for building up all fake reviews and social media handles.
  • Use A Credit Card – Credit cards are more secure than debit cards as they do not allow direct access to your bank account and are at a better position when it comes to protection from fraudulent activities.

For more information about IT Security, call Centex Technologies at (254) 213-4740.

© Copyright 2022 The Centex IT Guy. Developed by Centex Technologies
Entries (RSS) and Comments (RSS)