Intezer Protect Archives - Intezer

Log4Shell (Log4j RCE): Detecting Post-Exploitation Evidence is Best Chance for Mitigation

Vulnerabilities like Log4Shell (CVE-2021-44228) are difficult to contain using traditional mitigation options and they can be hard to patch. It can be hard to...


Implement these MITRE D3FEND™ Techniques with Intezer Protect

The MITRE Corporation released D3FEND™ (aka MITRE DEFEND™), a complementary framework to its industry acclaimed MITRE ATT&CK® matrix. MITRE D3FEND provides defense techniques...


Conducting Digital Forensics Incident Response (DFIR) on an Infected GitLab Server

GitLab servers are under attack with a now-patched critical vulnerability Earlier this week we investigated an incident that occurred on a new...


Exposed Prefect Workflows Could Lead to Disruptive Attacks

Workflow management platforms are powerful tools for automating and managing complex tasks. Integrating workflow platforms can help companies coordinate and ease their...


7 Factors to Consider When Choosing a Cloud Workload Protection Platform (CWPP)

Cloud Workload Protection Platforms (CWPPs) are a new generation of modern, scalable security solutions designed to protect applications in today’s landscape of...


Misconfigured Airflows Leak Thousands of Credentials from Popular Services

This research refers to misconfigured Apache Airflow managed by individuals or organizations (“users”). As a result of the misconfiguration, the credentials of...


Essential Security Tools for GCP

Cloud security constructs are always aligned with the concept of shared responsibility. GCP emulates this principle with its own shared responsibility model,...


Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike

Key Findings Discovered Linux & Windows re-implementation of Cobalt Strike Beacon written from scratchLinux malware is fully undetected by vendorsHas IoC and...


What is a Cloud Workload Protection Platform (CWPP)? And Why Do You Need It?

The cloud has completely transformed the IT landscape over the last few years. And it’s now entering a new era of hybrid-cloud...


New Attacks on Kubernetes via Misconfigured Argo Workflows

Key Points Intezer has detected a new attack vector against Kubernetes (K8s) clusters via misconfigured Argo Workflows instances. Attackers are already taking advantage of this...


Genetic Analysis and Lessons Learned from REvil Attack

Validating your Software Supply Chain for Tampering SolarWinds, Codecov and now Kaseya are the latest supply chain attacks we know about. In...


Top 10 Linux Server Hardening and Security Best Practices

If you have servers connected to the internet, you likely have valuable data stored on them that needs to be protected from...


Reduce the Attack Surface with These Unique Runtime Features

Prioritize immediate risks in your cloud production environment Recently added Intezer Protect features for reducing the likelihood of an attack have a unique...


9 Tools to Use Right Now to Improve Azure Platform Security

Security is changing as companies move their mission-critical workloads to the cloud, with Azure as one of the preferred destinations. Security in Azure follows...


CVE-2021-27075: Microsoft Azure Vulnerability Allows Privilege Escalation and Leak of Private Data

In this post I will explain how the Microsoft Azure Virtual Machine (VM) extension works and how we found a fatal vulnerability in...


Announcing Configuration Checks and Vulnerability Management

We’re excited to announce the release of two new Intezer Protect features. Intezer Protect now offers under the same roof not only...


2020 Set a Record for New Linux Malware Families

Intezer’s 2021 X-Force Threat Intel Index Highlights It was a lot of fun collaborating with IBM on their 2021 X-Force Threat Intelligence...


8 Reasons to Try Intezer Protect Community Edition

Last week we launched the community edition of Intezer Protect. With strong Linux threat detection, low overhead and no slowdown in performance, Intezer Protect is...


Intezer Protect Community Edition Now Available

Free runtime protection for your cloud workloads Get Started Today we go live with the Intezer Protect community edition. After a few months...


Community Beta Announcement

Update: Intezer Protect community edition is out of Beta and now available to everyone. Get Started Today we go live with the...


Introducing runtime Cloud Workload Protection Platform (CWPP) Intezer Protect

Unveiling our Cloud Workload Protection Platform (CWPP) which defends your cloud servers in runtime against the leading cause of cyber attacks: unauthorized and malicious...


Intezer Protect: How it Works

Intezer Protect is our NEW runtime Cloud Workload Protection Platform (CWPP). Powered by Malware Analysis technology, this solution continuously monitors the code running...

© 2022 All rights reserved
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
CrowdStrike + Intezer: Automation for Alert Triage, Response, and HuntingCrowdStrike + Intezer: Automation for Alert Triage, Response, and Hunting Learn more