Category: Extended Detection & Response

Where Comodo Engineering Talks

Kaseya VSA Breach – Consequences of Security Failures

The world has witnessed another large-scale cyber-attack. On July 2, 2021, Kaseya, an IT Systems Management software firm, disclosed a security incident impacting their on-premises version of Kaseya’s Virtual System Administrator (VSA) software. The result was up to 1500 companies being held hostage to a significant ransom demand. Incidents such as these are becoming more commonplace. We are seeing…

SunBurst: APT against SolarWinds, mapped to Kill Chain

Following the attack on FireEye, details have been revealed and the US Department of Homeland Security (DHS) has issued an Emergency Directive (ED) regarding a backdoor being exploited in SolarWinds Orion products. Several victims have been identified that have been infected using the same attack. FireEye initiated first analysis upon the findings on their network…

Applying Attack Surface Reduction on top of Attack Surface Reduction: ASR2

First, some definitions and terminology so that we all know what we are talking about. Threat Actor: A threat actor or malicious actor is a person, entity or an object responsible for an event or incident that impacts, or has the potential to impact, the safety or security of another entity. In Cybersecurity this can only be…

Comodo XDR: eXtended Detection and Response: Discovering Unknowns, Revealing Hidden Threats

Comodo was one of the pioneers of Extended Detection and Response into network (XDR), web and cloud and I guess I am the one to blame as I charted and executed the strategy for this in 2017. A few months later, I started seeing other vendors announcing their NDR solutions, all of a sudden this concept…