"Is the bigger risk with AI tools the information we put into them, or the accuracy of the output?" ... You can count on Ron Eddings for asking good questions about AI in cybersecurity! Thanks for hosting Roy Halevi on Hacker Valley Media's show for this conversation about the tools that are transforming security operations. #AISecurity #AISOC #SecOps #SecurityAutomation #Cybersecurity
Intezer
Computer and Network Security
New York, NY · 7,612 followers
Leave the SOC grunt work to technology. Keep noise, false positives, and alerts from overwhelming your security team.
About us
Leave the SOC grunt work to Intezer. Automatically triage alerts 24/7, respond faster, and cut out noise & false positives. Try free: analyze.intezer.com
- Website
- https://www.intezer.com (external link for Intezer)
- Industry
- Computer and Network Security
- Company size
- 51-200 employees
- Headquarters
- New York, NY
- Type
- Privately held
- Founded
- 2016
- Specialties
- Malware Analysis, Threat Detection, Incident Response, Cybersecurity, Malware Classification, Threat Hunting, DFIR, Memory Forensics, Digital Forensics, Reverse Engineering, Security Operations, Memory Analysis, Attribution, Threat Research, Threat Intelligence, YARA, Disk Image Forensics, File Scanning, URL Scanning, Sandboxing, Memory Dump Scanning, Alert Triage, and SOC Automation
Products
Intezer Analyze
Threat intelligence platform
Intezer automates alert triage, incident response and threat hunting by analyzing potential threats (such as files, URLs, endpoints) and automatically extracts IoCs/hunting rules, providing clear classification and better detection opportunities. It easily integrates into SOC and IR team workflows (EDR, SOAR, SIEM, etc.) to eliminate most false positives and reduce alert response time by 90%. With Intezer:
- Reduce 90% of alert response time
- Reduce Tier 1 escalation
- Get better detection opportunities
- Automate with existing workflow
Get a demo: www.intezer.com/book-a-demo-analyze/
Updates
-
Here's the data on how Intezer's AI SOC solution performed, from the annual benchmark we performed:
- 3.81% alert escalation rate
- 97.7% accuracy for false positive alerts
- 93.45% accuracy for true positive alerts
- 2 min 21 second average alert investigation time (15 sec median)
More from Itai Tevet below.
I found that the most important 3 criteria to evaluate and compare AI SOC solutions are:
1. Escalation rate - out of all your ingested alerts, how many are escalated back to your team? This is important to make sure that enough workload is being reduced for your team.
2. Accuracy - how accurate are the verdicts of the AI SOC, both for true positive and false positive assessments? Extremely important in order to trust the technology to do the work for you.
3. Average investigation time - how long does it take from ingesting an alert to making a final decision? For real incidents, even a small difference can be dramatic.
We have lately conducted an annual benchmark across our 2024 data; here's how Intezer performed: 3.81% escalation rate, 97.7% accuracy for FPs, 93.45% for TPs, 2 min 21 sec avg investigation time (15 sec median). This is absolutely mind-blowing performance and shows that the idea of Autonomous SOC or a true automated alert triage is not a pipe dream. We have A LOT MORE to work on; however, this data is so encouraging to continue our mission to address our industry's talent shortage problem.
-
Thanks to David Spark for always hosting a great show! Our team is proud to support the CISO Series community.
Today's CISO Series Newsletter features this week's Defense in Depth hosted by me and guest co-host Dan Walsh, CISO, Datavant. Joining us is Sharon Milz, CISO, Time Inc. Here's what we discussed:
- A vicious cycle
- Not all training is created equal
- Don't forget the human factor
- We can still define success
Huge thanks to our sponsor, Intezer. Please join us TOMORROW, Friday, November 22nd, 2024 for our Super Cyber Friday event "Hacking E-Crime Trends." REGISTER: https://lnkd.in/gCi7W-mm #CISOseries #CISO #security #infosec #informationsecurity #cybersecurity
-
Michael Calderin, CISO of YAGEO Group, told MES Computing that he has implemented a solution for cybersecurity alert fatigue from Intezer that he says helps and frees up his team to deal with the most serious threats to their business.
CISO Details How This Solution Helps His Team With Security Alert Fatigue
mescomputing.com
-
Great work from Ryan Robinson on the security research team explaining this sophisticated, evasive malware loader.
Digital Forensics & Incident Response Senior Analyst w EY | DFIR | GCFA | GREM | GPEN | GIAC Advisory Board Member
Just found an excellent analysis of #BabbleLoader! Intezer has done a fantastic job breaking down #BabbleLoader. Its sophisticated design and stealthy techniques make it a critical threat to watch. Key features of #BabbleLoader:
- Modularity: Supports diverse #malware types and payloads.
- Stealth: Utilizes sophisticated obfuscation techniques to evade detection.
- Versatile Targets: Observed delivering payloads related to VPNs, gaming, and other popular applications.
Understanding loaders like BabbleLoader is crucial for strengthening defenses against malware-driven attacks. If you're in #cybersecurity, be sure to dive into Intezer's in-depth #analysis to learn more about its behavior and #mitigation strategies. Check out the full article here: https://lnkd.in/dd68GJZq #CyberThreat #MalwareAnalysis #IncidentResponse #ThreatHunting #InfoSec #Technology #Malware #ThreatIntel #SOC #DFIR
Babble Babble Babble Babble Babble Babble BabbleLoader
https://intezer.com
-
AI is a tool. Smart security leaders won't replace all their people with AI tools. But they'll probably promote the SOC analysts who know how to use AI tools to their advantage. As defenders, we have to constantly evolve. We have to keep learning to stay ahead of attackers. And we have to make sure we're using the right tools, the right way. #cybersecurity #SOC #AI #securityoperations #infosec #artificialintelligence
Will AI take over your role in the SOC? Doubtful! With technology continuously changing, the amount of security work and emergencies that require humans is only going up. Look for this week's episode with Roy Halevi, Co-Founder & CTO at Intezer, to hear more on AI and what it could mean for your cybersecurity role in the future! Do you agree? Do you think there are any jobs in the SOC that AI will be better at one day? #Cybersecurity #AI #SOC
-
A great SOC team that knows how to use AI to their advantage -- that's an amazing SOC team.
You SHOULD be using AI to do your job! Roy Halevi, Co-Founder & CTO at Intezer, joins today's episode to talk about how AI can make you better, faster, and more accurate in your work. With a shortage of people working in cybersecurity, AI isn't replacing roles— it's enhancing them. Listen or watch today's episode NOW! Head to the link in the comments to stream. #Cybersecurity #AI #SOC
-
AI automation can make a real impact for the SOC -- just ask this SOC manager and CISO. "I actually came to learn of Intezer through my security operations center manager," Michael Calderin, CISO of YAGEO Group – an electronics components company – told MES Computing. Calderin said that with Intezer, his team can quickly sift through alerts and respond quicker to more critical ones. "We have a very lean team, and so automation is really critical to us. The amount of time that it takes to triage an event and understand what's really happening can eat into our ability to respond quickly. So, the more information that we have up front when we get eyes on screen, the faster a human can make a decision about what to do," he said. SOC teams already have too many alerts. Intezer is a security tool that generates ZERO new alerts. Intezer investigates and triages alerts from your security tools. It resolves false positives. And it escalates the real threats to your SOC analysts with real context. This is how our AI helps analysts and reduces MTTR. Full story here: https://lnkd.in/eXRBfxap #cybersecurity #securityoperations #AI #autonomousSOC #SecOps #infosec
CISO Details How This Solution Helps His Team With Security Alert Fatigue
mescomputing.com
-
Intezer reposted this
Senior Threat Hunt Analyst at Intel 471, Threat Hunting Evangelist, And #BlackHat Trainer. View my blog takes you to my most recommended Threat Hunting resource, our workshops!
Good day everyone! Ryan R. at Intezer shares with us their work analyzing the #BabbleLoader, which is an "extremely evasive loader, packed with defensive mechanisms that is designed to bypass antivirus and sandbox environments to deliver stealers into memory". There is a TON of analysis and intel here, so I am going to try and highlight the parts that I find significant and actionable!
Defense Evasion:
- The malware checks the installed graphics adapters to see if it is running in a sandboxed environment or not. This leverages dxgi.dll, which is the DirectX Graphics Infrastructure library.
- It checks the number of unique running processes on the machine by calling NtQuerySystemInformation. The magic number is 85 unique processes, with the assumption that a truly infected computer would have more running processes than a sandbox would.
Next Stage:
- The next stage involves a Donut loader which, according to the GitHub README, is "a position-independent code that enables in-memory execution of VBScript, JScript, EXE, DLL files and dotNET assemblies.[1]"
- The ultimate payloads in these examples were WhiteSnake and Meduza Stealers.
Hunt opportunity: In this case, because the Donut loader and other payloads involved use command and control as their communication, there is an opportunity to run an unstructured hunt for "new" or anomalous connections. The article also mentioned that the WhiteSnake stealer uses the TOR network for C2, which would involve the installation on the victim's machine, which is another opportunity to find something suspicious. Well, I am SURE there is plenty of information that is critical to everyone else, BUT that is why it is time for you to read it for yourself! Enjoy and Happy Hunting!
Babble Babble Babble Babble Babble Babble BabbleLoader https://lnkd.in/gQPHjNzA
Supplemental [1]: GitHub/TheWover/Donut https://lnkd.in/gUUNeGix
Intel 471 #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday Cyborg Security, Now Part of Intel 471
Babble Babble Babble Babble Babble Babble BabbleLoader
https://intezer.com
-
Intezer reposted this
Global Operations Manager | Employee Experience | Procurement Expert | Driving Efficiency & Excellence in Operations
I'm proud to be part of a company that genuinely supports our reserve employees, standing by them with unwavering encouragement and providing equal opportunities for growth. At our core, we believe in fostering an environment where everyone, regardless of their background or commitments, has the same opportunities to succeed. It's this spirit of inclusivity and respect that truly sets us apart. Grateful to work alongside a team that lives these values every day. Intezer #SupportOurReserves #EqualOpportunities #InclusiveWorkplace