In a forthcoming article about our new Security Operations Centre (SOC-as-a-Service), I discuss the difference between passive protection – which you must have – and reactive, continuous 24/7 Cyber Security Monitoring. This article from Bleeping Computer illustrates how threat actors carefully take apart the protection you are using to find out how to get around it. Then they exploit that gap before the vendor can fix it.
Hackers start using double DLL sideloading to evade detection (bleepingcomputer.com)
Your defence here is that when threat actors get inside your defences, they start to leave a trail of usually identifiable suspicious activity that a monitoring system backed by experienced cyber security analysts can recognise. Once that activity is recognised as a possible threat, action can be taken.
That is what our new SOC-as-a-Service will provide for even the smallest of organisations at a price they can afford.
Clive Catton MSc (Cyber Security) – by-line and other articles