Anomaly Detection

Anomaly detection in a timely manner and the potential impact of events is understood.

Statistical anomalies: If a measured, important value crosses a threshold or deviates from any type of mathematical norm, this can be used as an indicator or malicious activity. For example, if a user typically sends 2GB of data a day, but is sending 2TB, this might be a sign of data exfiltration.

Heuristic anomalies: These are general, suspicious behaviors that are related to actions a malicious actor takes during an attack cycle. For example, if an organization is seeing many open connections to a country where they don’t conduct business, this should be a warning sign. Likewise, if a point of sale system only ever runs a known group of processes, but then suddenly a new one appears, it should be treated as highly suspect.

What Does This Mean?

1: A baseline of network operations and expected data flows for users and systems is established and managed
2: Detected events are analyzed to understand attack targets and methods
3: Event data are aggregated & correlated from multiple sources & sensors
4: Impact of events is determined
5: Incident alert thresholds are established

LogRhythm

LogRhythm’s?security intelligence and analytics platform enables organizations to detect, contain and neutralize cyber threats with threat lifecycle management.

Carbon Black

Carbon Black?and the Cb Predictive Security Cloud are transforming endpoint security, supporting a number of services that deliver next generation endpoint protection and operations with big data and analytics.

Recommend Solutions

Whatever your company is most known for should go right here, whether that’s bratwurst or baseball caps or vampire bat removal.

Program Implementation Support

Are you looking for a partner to help develop industry best practices into your security program?Leading security professionals with the experience and professionalism you desire are at your fingertips.

Contact us today and let us know how we can be of service!

Contact Us

HITRUST Certification vs HIPAA: What you Need to Know

September 19, 2021David RauschendorferBlogNo Comments

What is the difference between HITRUST Certifications and conducting a HIPAA Risk Assessment? Join us in today’s video as we…

Why Do Businesses Need an Incident Response Plan?

September 16, 2021David RauschendorferBlogNo Comments

Join us in today’s video as we show you Why Do Businesses Need an Incident Response Plan? An incident response…

Vulnerability Assessment vs. Penetration Testing: What’s the Difference?

September 15, 2021David RauschendorferBlogNo Comments

Understand the difference between conducting an annual penetration test, compared to completing a monthly vulnerability assessment in your IT environment….

Healthcare Cyber Security Trends: What You Need to Know Now and Going Forward

September 10, 2021David RauschendorferBlogNo Comments

Healthcare Cyber Security Trends: What You Need to Know To Schedule Your Next Enterprise Security Risk Assessment Please Contact Your…