Many organizations are subject to government regulations such as ITAR or OFAC that prohibit any dealings with certain foreign nations. Others have countries that they will not do business with for reasons of corporate policy - because of rampant piracy or fraud, for example. However, with the Internet, what matters isn't always where another computer is located, at least not from the domain name it reports or the place a user fills in as its contact address. This means that, wittingly or unwittingly, devices in any organization may be connecting with other machines in locations that they are legally forbidden to have any communication with.
Protective DNS (aka PDNS or Secure DNS) will be the best performing and highest ROI security control you implement this decade. But before investing in a solution, gain an understanding of what PDNS is, its capabilities, critical considerations, and how to best implement it for both security and privacy.
ThreatSTOP security analysts work around the clock to ensure our threat intelligence includes the most relevant and critical indicators of compromise (IOCs). Their analysis and research ensure TS blocks these IOCs and, by extension, protects customers from the vast spectrum of cyber threats and related infrastructure. We've asked our analysts to share their favorite free analysis tools for every step of the threat analysis journey, as well as tips and analysis use cases on infamous malware variants. You can view all this awesome info in our Open Source Analysis Tools Infographic, or below in our more extensive blog series.
Detecting, verifying and blocking malicious traffic is already quite the challenge in today's rapidly changing cyber threat landscape. Legitimate IPs acting like bad threat actors take this challenge one step further.
VirusTotal is a great analysis platform for enriching data on IOCs and finding related malicious infrastructure. VT inspects IOCs with over 70 antivirus scanners and URL/domain blacklisting services. The platform offers a search engine for previously scanned items, as well as a number of URL and file submission methods, including the primary public web interface, desktop uploaders, browser extensions and a programmatic API.
In our opinion, VT's holy grail is its awesome VT Graph - a dynamic threat relations visualization, allowing users to view information about each entity, pivot over data points, edit the graph, and add new nodes. Users can also save their graphs and download the node list.