Cognitive Intelligence
Raspberry Robin: Highly Evasive Worm Spreads over External Disks
During our threat hunting exercises in recent months, we’ve started to observe a distinguishing pattern of msiexec.exe usage across different endpoints.
A compelling story
Ways of structuring the presentation of machine-generated alerts, so that each alert offers a cohesive and compelling narrative.
Network Footprints of Gamaredon Group
This blog post contains the Cognitive Intelligence Team's observations of Gamaredon Group's activities during the month of March 2022.
Intelligent alert management
We all know what alert fatigue is. In this blog, we explore how we tackle it. How does our Alert Fusion system work?
Emotet is Back
In this blog, we summarise the Emotet threat, its lifecycle and typical detectable patterns. In the second part of the blog, we show how to use GTA.
How to Respond to Apache Log4j using Cisco Secure Analytics
Security professionals are working to assess their exposure to the Apache Log4j vulnerability (CVE-2021-44228). Here is a guide on how to respond.
What are you missing when you don’t enable global threat alerts?
Network telemetry can identify user behaviors, malicious tools installed in enterprise environments, and malware itself. Are you applying a global view to your network? If not, read on to learn more.
Cisco Security at Work: Threatwall at Mobile World Congress 2019
The Threatwall is a live display of threats on open conference wireless networks wherever it is deployed, such as Cisco Live or MWC, providing valuable insights on network traffic trends.
Defeating Polymorphic Malware with Cognitive Intelligence. Part 2: Command Line Argument Clustering
The Command Line Argument Clustering algorithm is an innovative weapon that helps security analysts uncover evasive malware and morphing threats in their environments.