The Good

Nigerian authorities have arrested a 37-year-old man alleged to be the leader of the SilverTerrier (Team TMT) business email compromise gang.

Interpol announced the arrest on Wednesday, and detailed how Interpol’s Africa Desk, AFJOC (African Joint Operation against Cybercrime), Nigerian law enforcement, and other private sector partners successfully tracked and apprehended the suspect.

Interpol and Group-IB announce the arrest of a 37yo Nigerian man, leader of the SilverTerrier (Team TMT) BEC ganghttps://t.co/mDGcCCcpUhhttps://t.co/lOPAXUXQBD pic.twitter.com/Soa4iAwP5p

— Catalin Cimpanu (@campuscodi) May 25, 2022

According to the statement, Operation Delilah began in May 2021, led by Nigerian police with three Interpol partners offering intelligence to the AFJOC.

Public and industrial analysts from Interpol’s Cyber Fusion Centre enriched the intelligence before referring it to the Nigerian police. Australian, Canadian and American law enforcement also supported the investigation by participating in several case-coordinating meetings.

With support from a private sector firm, investigators mapped out and tracked the suspect’s online activities and physical travel before police made the arrest at Murtala Mohammed International Airport in Lagos.

In their statements, Interpol officials expressed their hope that the operation would “stand as a reminder to cyber criminals across the world that law enforcement will continue to pursue them, and that this arrest will bring comfort to victims of the suspect’s alleged campaigns.”

This operation offers encouraging signs that governments and law enforcement officials across the world are taking notice of escalating cyber crime and proactively taking action to investigate and neutralize major threats. While the road ahead is a long one, the international investment displayed here, and the cooperation of major vendors in the private sector, is a great first step towards a safer cybersecurity landscape.

The Bad

This week, details emerged of an attack chain against Zoom clients that potentially left all Zoom users exposed to a zero-click vulnerability. Several bugs were discovered by a security researcher in February and Zoom released a patch in late April. All Zoom users are urged to ensure they update to version 5.10.0 if they have not already done so.

According to Zoom’s advisory, CVE-2022-22784 could allow an attacker to break out of the current XMPP message context and force a user’s client to perform a variety of malicious actions.

The same researcher also identified CVE-2022-22785, a vulnerability that allows threat actors to send user session cookies to a domain outside of Zoom, which leaves users open to spoofing attacks, and CVE-2022-22786, which allows an attacker to trick a user into downgrading their Zoom client to a less secure version.

Chaining the vulnerabilities together could allow an attacker to achieve remote code execution (RCE) without any user interaction.

Explaining the attack chain, Ivan Fratric, the Google Project Zero researcher responsible for discovering the bugs, said “The only ability an attacker needs is to be able to send messages to the victim over Zoom chat over XMPP protocol”.

He went on to explain that a threat actor could trick a targeted Zoom client into connecting into a man-in-the-middle server that downgrades a target’s Zoom client to a version from 2019.

These RCE attacks are possible because Zoom’s clients and servers use different XML parsing libraries, which means they also parse XMPP messages differently.

Although Zoom patched its servers against these vulnerabilities when they were first discovered in February, the client patch was only recently released. Zoom users that haven’t updated yet should patch their clients immediately to mitigate the risk.

The Ugly

HP’s security researchers are observing a malware campaign that leverages malicious PDFs to target Window PCs with malware through a code-execution vulnerability in MS Office that was discovered four years ago.

According to HP’s threat intelligence, threat actors trick targets into opening malicious emails and a PDF document labelled as a remittance invoice. Once the victim opens the document, the PDF file will load a fake Adobe Reader prompt designed to look legitimate and prompt users to open a malicious Word document.

Ultimately, this attack chain is designed to deliver an executable from the Snake keylogger family, which steals information from targeted users.

While malicious PDFs are hardly new, in recent years cyber criminals have primarily exploited Word documents or Excel sheets to infect machines with malware. However, researchers believe that the PDF format’s relative scarcity in today’s threat landscape is not only due to widespread awareness of Microsoft Office files but also to the belief that other document formats serve as better social engineering lures.

The existence of malicious documents like these is truly disruptive to vulnerable users and reminds us that not every emerging threat is cutting edge—older threats can still wreak just as serious damage.

As we navigate towards the midway-point of 2022, and despite current uncertainty over the company’s ownership, there is no doubt that Twitter remains cybersecurity’s favorite social media sharing platform. Whether you’re looking for the latest news on ransomware attacks and cybercrime, APTs and cyber war, digital forensics and incident response, malware outbreaks or reverse engineering, Twitter has it all and more.

Infosec is all about sharing knowledge, and on Twitter you’ll find our industry’s finest and brightest doing just that. So who should you be following in 2022 to stay up with current events, expand your knowledge and learn about new skills and resources? We’ve hand-picked 22 essential cybersecurity accounts for you to follow in 2022. While some you will find on our lists from previous years, there’s plenty of new, interesting and influential tweeters to discover on this year’s roster, too. Let’s check it out!

1. @KimZetter | Kim Zetter

Kim Zetter is a San Francisco-based journalist who has been writing about cybersecurity, national security and election security for over a decade. Author of a bestselling and authoritative book on Stuxnet, @KimZetter is an account where you will find the best in cybersecurity-related journalism.

“[Journalists] are not neutral chroniclers of this descent into authoritarianism… we have skin in the game. For journalism to survive, democracy must survive — the two need each other.” https://t.co/MG3yM0Zzjj

— Kim Zetter (@KimZetter) May 19, 2022

2. @maddiestone | Maddie Stone

Reverse engineer and zero-day exploit expert, Maddie Stone works as a security researcher at Google Project Zero and is a regular con speaker. Her twitter account @maddiestone is essential for anyone wanting to keep up with the latest bugs and zero-day discoveries.

New RCA for CVE-2022-22675 by @natashenka!

CVE-2022-22675 is an iOS/macOS in-the-wild 0-day in AppleAVD that was patched in March #itw0dayshttps://t.co/5xNZhGHdQK

— Maddie Stone (@maddiestone) May 17, 2022

3. @cyb3rops | Florian Roth

Florian Roth is a detection engineer who is probably best known for his YARA and IOC THOR APT scanner. Florian also has a vast collection of free tools and detection utilities available on github. Florian’s feed @cyb3rops contains an unmissable mix of original and curated content focusing on the latest threats and threat detection.

If someone exploits the vulnerable F5 boxes on the mgmt port from the Internet to run ‘rm -rf /*’

Is it mostly likely
A. a threat actor trying to cause havoc
B. school kid using curl
C. unsolicited help with the decommissioning so that real TAs can’t use them to ransom the org

— Florian Roth (@cyb3rops) May 11, 2022

4. @campuscodi | Catalin Cimpanu

Catalin has featured on our list in the past, and even though he now describes himself as an “Ex-cybersecurity reporter” after having moved to work on newsletters for podcasting outlet RiskyBiz, his Twitter feed @campuscodi is still a goldmine of curated cybersecurity news and intel that’s not to be missed.

Stack Overflow under attack: what we learned about handling DDoS attackshttps://t.co/H9bWuwqgxK pic.twitter.com/A2gFgd22Ae

— Catalin Cimpanu (@campuscodi) May 22, 2022

5. @cglyer | Christopher Glyer

Christopher is a Microsoft Threat Intelligence Center crimeware researcher, former incident responder and security architect. Follow @cglyer to stay on top of the latest malware outbreaks and developing news around ransomware and cybercrime.

The cybercrime economy has industrialized over the last 4 years since human operated ransomware burst onto the scene

Come for the @MsftSecIntel compendium of the ransomware ecosystem…stay for the hardening recommendations to help reduce your riskhttps://t.co/5OkI3b7TG3

— Christopher Glyer (@cglyer) May 11, 2022

6. @billyleonard | billy leonard

Billy Leonard is Global Head of Analysis of State Sponsored Hacking and Threats at Google Threat Analysis Group (TAG). While that sure is a lot of nouns, it all translates into a Twitter account worth following if you are interested in shares of IoCs and other valuable info pertaining to the latest threat actor activity.

Updates from @Google TAG on ongoing threats in Eastern Europe from APT28 and Turla , Ghostwriter, and Curious Gorge :https://t.co/AEXIGmUVRg

A few highlights … maybe a if you will:

— billy leonard (@billyleonard) May 3, 2022

7. @Kostastsale | Kostas

Speaking of detections, DFIRReport analyst @Kostastsale is a must-follow for anyone wanting to stay ahead of recent threat reports, detection tips and other DFIR related news. Kostas also has a collection of useful repos on Github covering YARA rules, MITRE ATT&CK navigator and Threat Intelligence playbooks.

As a defender, I read reports to stay up to date with recent threats reported by others in the industry. It also helps me generate ideas for future research, threat hunting, detection, or a deeper dive into TA’s infra.

This is what I am looking for when I read them
1/11

— Kostas (@Kostastsale) May 16, 2022

8. @vxunderground | vx-underground

A relatively new infosec account on Twitter, vx-underground has quickly amassed a large following of cybersecurity professionals due to a combination of entertaining yet informative tweets with breaking news and access for researchers to the latest malware samples. Malware hunters, reverse engineers and detection engineers alike will find @vxunderground a valuable addition to their daily digest.

We’ve updated the vx-underground malware sample collection. New additions:

– Nerbian RAT
– KurayStealer
– Chaos Ransomware
– CVE-2022-22954
– CrateDepression
– XorDdos
– Pymafka

Enjoy the rest of your weekend.

Download: https://t.co/L3GdoH9kLl pic.twitter.com/xdHSLZVdSP

— vx-underground (@vxunderground) May 22, 2022

9. @likethecoins | Katie Nickels

Katie is Director of Intel at RedCanary, as well as a SANS Certified Instructor for FOR578: Cyber Threat Intelligence, and Senior Fellow at the Atlantic Council’s Cyber Statecraft Initiative. Katie does great work in promoting the work of others and is a great source of information for those making their way in the infosec industry, follow her at @likethecoins.

“This is the stuff that will impact people’s lives” -Eleanor Fairford from @NCSC discussing the huge impact of ransomware vs. quiet espionage activity #RansomwareTaskForce (side note: Eleanor is rocking some gold sneakers and I am here for it.) https://t.co/Q0v2qnWBpo

— Katie Nickels (@likethecoins) May 20, 2022

10. @RidT | Thomas Rid

Professor of Strategic Studies and founding director of the Alperovitch Institute for Cybersecurity Studies at Johns Hopkins University’s School of Advanced International Studies, Thomas is one of the world’s foremost experts on politcally motivated cyber attacks, disinformation and cybernetics. @RidT is an essential follow for all those interested in the juncture between cyber, politics and information.

Remarkable that the UK’s and the Estonian statements are the most professionally worded ones: because more specific, as they mention GRU, and because they use proper estimative language. https://t.co/pWj0AuQ6jshttps://t.co/aWkzlGjmJx

— Thomas Rid (@RidT) May 10, 2022

11. @theJoshMeister | Josh Long

Josh Long has been on Twitter in the macOS/OSX security space longer than pretty much anyone else, and his following of almost 130K is testament to that. As a journalist specializing in cybersecurity issues relating to Apple, Mac and digital privacy, @theJoshMeister is a must-follow for all things related to security and the Cupertino giant.

Today marks 1 entire month since #Apple released #macOS Monterey patches for 2 “actively exploited” #zeroday vulnerabilities—while leaving Big Sur & Catalina vulnerable.

If you value #security & privacy, don’t wait on @Apple. Upgrade your #Mac to Monterey.https://t.co/HzbyX9UAFs

— Josh Long (the JoshMeister) (@theJoshMeister) April 30, 2022

12. @ryanaraine | Ryan Naraine

Another veteran of last year’s list, @ryanaraine remains an essential account to follow if you are interested in hackers and the business of cybersecurity. Ryan not only retweets the best of cybersecurity and infosec news from around the Twittersphere, he also offers thoughtful and insightful observations through regular podcasts.

“If an attacker can place a relaying device within BLE signal range of a mobile phone or key fob authorized to access a Tesla Model 3 or Model Y, they can conduct a relay attack to unlock and operate the vehicle…”

New NCC Group research: https://t.co/rJPREkhq7L

— Ryan Naraine (@ryanaraine) May 16, 2022

13. @craiu | Costin Raiu

Costin Raiu is one of those infosec people from whom there is always something to learn, and if you’re not following @craiu yet, then now is the time to become one of his 37K followers! The self-described “antihacker from another planet” is director of Global Research and Analysis at Kaspersky and serves as a superb source of all things cybersecurity.

Doing code similarity at scale and with great precision is hard. Here’s a blog I wrote on this topic: Looking at Big Threats Using Code Similarity. Part 1 – https://t.co/sZvMiFhODI

— Costin Raiu (@craiu) May 5, 2022

14. @AricToler | Aric Toler

Aric Toler is Director of Training & Research at Bellingcat, where he initially began as a volunteer way back in 2014. Bellingcat is a Netherlands-based investigative journalism charity specializing in OSINT, and Aric’s Twitter account is a great place to keep up with both his and their essential output.

How it started / How it’s going https://t.co/07BsVaJ98x pic.twitter.com/O6I0oZc48H

— Aric Toler (@AricToler) May 21, 2022

15. @evacide | Eva Galperin

Eva Galperin is EFF‘s Director of Cybersecurity and co-founder of The Coalition Against Stalkerware. Always relevant and often humorous, @evacide is an infosec account not to be missed for all things related to digital privacy.

Did you know that driverless cars record their surroundings continuously and that the car companies make this data available to the police? Well, now you do. https://t.co/5GKORpzTlv

— Eva (@evacide) May 11, 2022

16. @4n6lady | Shannon Brazil

Shannon is Associate Director at Arete Incident Response and an OSINT enthusiast. Her twitter feed is followed by 35,000 others for its engaging mix of personal and techy content with an emphasis on DFIR.

IMO: You shouldn’t be creeped out about someone conducting an OSINT report on you. You should probably ask for a copy to see how much information they were able to find by just Googling you. And then purge.

— 4n6lady (@4n6lady) May 18, 2022

17. @zackwhittaker | Zack Whittaker

As security editor at TechCrunch and author of the popular this.weekinsecurity newsletter, Zack is one of the first sources to look to for breaking cyber and infosec news. @zackwhittaker’s feed is a fantastic way to keep up with everything that’s going on in the cyber world that could affect your organization, whether it’s in the U.S. or abroad.

The latest ~this week in security~ just dropped:

• Conti calls for Costa Rica overthrow
• Cytrox spyware exploits Android zero-days
• 1.8M Texas residents’ data exposed
• ICE contractor spilled data
• DOJ’s new CFAA policy

https://t.co/NWlA7Y2TvAhttps://t.co/P8c1sLzRmg

— Zack Whittaker (@zackwhittaker) May 22, 2022

18. paπcake | @trufae

OK, let’s talk about reverse engineering, starting off with the underrated but hugely capable radare2 software, developed and maintained by paπcake, whose feed is worth following not only for news and updates regarding r2 and @radareorg, but for reverse engineering in general.

R2-5.7 will be out next week, and i’ve managed to pack several important changes. Stay tuned for the release notes!

— paπcake 󠁥󠁳󠁣󠁴󠁿 (@trufae) May 22, 2022

19. @Fox0x01 Azeria |  Maria Markstedter

ARM is becoming increasingly important for reverse engineers due its overwhelming use in Linux, iOS and now Apple’s M1 Macs. One of the best resources on the net for knowledge around ARM is Azeria Labs, aka Maria Markstedter. @Fox0x01 is an expert in ARM-based systems and is a thought leader in cybersecurity.

I’m incredibly excited to announce that I’ll be giving my first public training since the start of the pandemic!

Dates: Oct. 3rd – 5th
Arm Reverse Engineering and Exploitation (3 days) @ @objective_see in Barcelona, Spain.

Registration starts May 9th:https://t.co/ieTzRfdiKg pic.twitter.com/sMNmTeZ6TV

— Azeria (@Fox0x01) May 3, 2022

20. @HostileSpectrum | HostileSpectrum

Current events as they are, many of us in cybersecurity and elsewhere are taking a keen interest in the situation in Ukraine, how it’s developing, and what the wider lessons and ramifications might be. Follow @HostileSpectrum for great commentary on cyber war and the situation in Ukraine.

Russian sanctions against dead individuals are almost certainly deliberate. They preserve options for future association to new targets, especially for manufactured pretexts to reject new diplomatic, economic, travel activities on a whim regardless of basis.

— HostileSpectrum (@HostileSpectrum) May 21, 2022

21. @GossiTheDog | Kevin Beaumont

Hugely popular and tells-it-like-it-is cybersecurity writer Kevin Beaumont says he keeps his employer’s identity secret to spare them the complaints from irate organizations. For the rest of us, @GossiTheDog is often the first to break news and always has insightful takes worth reading.

Defender for Endpoint itself uses obfuscated PowerShell scripts. https://t.co/Gw0QemAwe0

— Kevin Beaumont (@GossiTheDog) May 20, 2022

22. @juanandres_gs | J. A. Guerrero-Saade

Juan Andrés Guerrero-Saade, more popularly known as JAG-S, is Principal Threat Reseacher at SentinelLabs. JAG-S twitter feed is the first place to look for his unique insight into cyber war, espionage and nation-state threat actors as well as relevant retweets and commentary on what’s happening at the forefront of cybersecurity research and intelligence.

Today we are releasing research into a campaign we call #CrateDepression– a supply chain attack where the attacker(s) sought to exclusively infect Gitlab CI pipelines, signaling a risk of further larger-scale supply-chain attacks.https://t.co/lcCx60i88I pic.twitter.com/v3htNiKFal

— J. A. Guerrero-Saade (@juanandres_gs) May 19, 2022

Conclusion

The beauty of Twitter is its diversity and accessibility, and so naturally there’s far more out there than just these 22 accounts to keep you informed and engaged. Think we’ve missed someone essential? Ping us on Twitter and let us know (though you might find them on one of our earlier lists here, here and here). And of course, don’t forget to follow SentinelOne and SentinelLabs on Twitter, too, to keep up with the latest cybersecurity news and threat intelligence.

Rarely a week passes by without news of another company being breached, a ransomware attack crippling critical infrastructure, or a data loss event causing millions to suffer a loss of privacy. On the other hand, these same organizations are trying as hard as they can to safeguard their customers, their data and their reputations. So what is missing? Is it a gap in technology? Is it about strengthening policies and procedures? Is it simply “the cost of doing business” – an inevitable outcome of the way we work and trade today?

In this post, I will share a few of the main reasons why we are where we are, and provide some simple steps for enterprises to take to change this paradigm.

Top 5 Trends That Increase Cyber Security Risk in 2022

There are a vast number of threats and threat actors out there, and their numbers are only growing. This expansion reflects a number of major technological shifts in recent years that have contributed to the changing threat landscape.

1. Increasing Discovery of Software Vulnerabilities

Vulnerability hunting has hit the big-time in recent years, thanks in large part to the popularity of bug bounty programs and “hacker” platforms that reward researchers and share knowledge. This is not only a good thing, it’s undoubtedly a necessary thing.

However, the flipside of better vulnerability reporting is faster time to exploitation, as threat actors rapidly jump on research publications and look for victims that have failed or are unable to patch. Exploited vulnerabilities can cause serious damage to all organizations, including those running our critical infrastructure.

Phasing out unpatchable technology and obtaining visibility across the entire digital estate are imperatives. Until then, the net result is that the bar for breaching unwary organizations will keep getting lower.

2. The Hybrid Nature of Today’s Networks

Users and identity represent the new cybersecurity frontier as the world of work moves away from the office to remote or location independent. As long as users are connected, they remain part of your network, whether they are in the next office or on the other side of the world.

The new reality of a distributed workforce increases the risk to enterprises as attackers shift to targeting end users and endpoints via compromising credentials and authentication methods at any point along the entire supply chain.

Take, for example, the recent highly-publicized activities of the Lapsus$ hacker group, which among other things compromised Okta’s systems by gaining remote access to a machine belonging to an employee of Sitel, a company subcontracted to provide customer service functions for Okta.

3. The Migration to the Cloud

The new kid on the block is your cloud assets. While businesses are growing rapidly by scaling up their offering with the cloud, it makes it harder for security teams and defenses to stay on top of that risk. The security implications of AWS, Azure or other cloud assets is difficult to grasp for many businesses, even those with large SOCs.

From cloud misconfigurations and compromise through vulnerable services – think Log4J – protecting cloud workloads can be a challenging task, particularly when they are spread over public clouds, private clouds and on-prem data centers.

4. Increasing Attacks on IoT Devices

‘Smart devices’ that are connected to the internet have increased the attack surface for organizations. From networked printers to security cameras, anything connected to the public internet can serve as a backdoor into your organization.

Increased risk caused by IoT devices includes unchanged default passwords, outdated firmware with known exploitable vulnerabilities, and the lack of network discovery for many IT and security teams. As threat actors scan networks with automated tools for any sign of weakness, administrators similarly need automated tools that can identify and protect any device as it is plugged into the network.

The increasing use of unprotected or insecure Smart devices has given attackers an easy way into networks, a beachhead from which they launch attacks to steal information or commit fraud through ransomware or other techniques.

5. Increase in BYOD and Mobile Authentication

While the use of mobile devices in the workplace has been with us for a number of years now, mobiles and mobile authentication is still creating new opportunities for malicious actors to steal valuable data.

Mobile authentication, or the verification of a user’s identity through a mobile device and one or more authentication methods to ensure secure access, has opened a new stream of attacks, using recycled numbers and other new attack vectors. Recent examples include attackers using social engineering techniques against users suffering from so-called “MFA fatigue”, where multiple 2FA push notifications trick users into authenticating fake login attempts.

The Threat Landscape is Booming

The bar for compromising enterprise assets is lower than ever before. There are a few reasons for that. As one of the main operating system vendors, Microsoft plays a significant role in this area. There are too many ways attackers utilize vulnerabilities to exfiltrate secured networks. Some novel examples include ProxyLogon, Hafnium, and many others. There are growing voices in our industry criticizing the way Microsoft handles researcher vulnerability reporting, including some very vocal discussions. Other OS vendors should also improve the way they respond to vulnerabilities, and work more closely with security vendors to make their products better.

Key Takeaways – A CISO’s Cybersecurity Checklist

• Eat Your Vegetables – Always stay ahead of best practices, ensuring you kill off any “low-hanging fruit” attack vectors. This includes enforcing multi-factor authentication and deploying endpoint protection on every computer, cloud or mobile device. Use your budget and create teams who live and breathe securing your organizations. Know your adversaries. Simulate attacks and see that you are ready for the day of a breach. Create backups. There are no shortcuts here.

• Create a Coalition – Cybersecurity is not a challenge only for the CISO: It’s a priority for the company. This means the CEO, the board of directors and other senior stakeholders should be aware of the risks and consider them against the priorities of the business.
  
  In 2022, there is no business without security. The CISO needs to ensure that all these stakeholders are aware of that and that they understand securing the enterprise does not happen in a silo. Share news, simulate breach responses, raise awareness. A breach can be caused by malicious actors or happen accidentally, but either way, it can cost companies millions in damages, lost revenue and reputational harm.

• Stay Informed, and Increase Awareness of End Users – Follow the news and share with your users. While some headlines can inevitably be overblown, they can also be motivating, and there’s nothing exaggerated about the cost of ransomware, BEC, fraud and other cybercrimes to businesses today. Keep your people in the know regarding cybersecurity risks by encouraging them to be aware and interested in cyberspace. If the topic is good enough for mainstream television, we can make it good enough for our users also.

• Get an Outsider’s Perspective – If you can run a red team, that’s great. If you cannot, work to establish periodic red team exercises to ensure there are no blind spots within your organization. If you are developing software or providing software as a service, run a bug bounty program and ensure “friendly eyes” are discovering your vulnerabilities before attackers do.

• Know Your Enterprise Assets – How well do you know the security implications of your AWS, Azure or other cloud assets? What are the security implications of running Docker and Kubernetes? Cloud-focused attacks are a rapidly growing area of interest to opportunistic and targeted attackers alike.
  
  While the techniques used in such attacks are vast and varied, they typically rely heavily on the fact that cloud networks are large, complex, and onerous to manage. This makes agent and container security solutions critical for the defense of any organization against all cloud platforms. Look for and deploy security solutions that make this complexity simple.

• Remember Supply Chain Attacks – Be in the know to reduce the risk of supply chain attacks. Although it is difficult for any security team to monitor and approve every business application entering the enterprise, visibility into every device can provide good insight into applications that may be more vulnerable than your end users believe.
  
  The previous year in cybersecurity showed us all how easy it is for adversaries to compromise widely-used applications. The SolarWinds and Kaseya compromises were unfortunate but timely reminders that software dependencies are a massive blindspot. When organizations rely on shared modules, plug-ins, and packages from open-source or non-security focused developers, the chance of such components being secure out-of-the-box is low.
  
  Attacks tend to seek the easy way in, and compromising relatively weak applications that are used by many is all an attacker needs. Technology can help to maximize visibility across the entire cyber estate.

Conclusion

There are no magic bullets, and cybersecurity remains a challenge that requires focus, knowledge and the right solutions that fit your business needs. SentinelOne is here to help CISOs with the challenge of securing the enterprise. To learn more about how to defend and protect your organization from today’s adversaries, contact us for more information or request a free demo.