Security news aggregator

Latest coverage for Threat Detection

Threat detection identifies suspicious activity early, limiting attacker dwell time and damage when logs, alerts, and response procedures are maintained.

43 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Threat detection is the defensive process of finding signs that an attacker may be present or attempting to gain access. In a threat model, it is a monitoring control that uses endpoint, identity, network, application, and cloud telemetry—often enriched with threat intelligence—to identify suspicious behavior, such as credential misuse, unexpected privilege changes, or lateral movement. Its purpose is to reduce the time an attacker can operate and limit the scope of an incident; missing logs, evasive activity, and unmonitored assets can leave important attacks unseen.

The most relevant practice is to design detections around credible attack paths and the organization’s highest-value systems, then protect and retain the logs needed to investigate them. Detections should be tested against realistic activity, tuned to reduce false positives, and linked to clear triage and containment actions. Alert volume, poor data quality, or unvalidated rules can overwhelm analysts and delay response, so coverage and detection effectiveness should be reviewed as systems and attacker behavior change.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 43 Filtered view

Startup Maps Detections Against MITRE ATT&CK and Recommends Missing ProtectionsCribl acquired Boston-based detection engineering startup CardinalOps to help organizations continuously measure MITRE ATT&CK coverage, automate TTP-based detections across SIEM platforms and move behavioral threat detection closer to the telemetry pipeline.

Bank Info Security 4 weeks, 1 day ago

Accenture Buys Majority Stake in Dragos in $4.2B Deal

Deal Combines Dragos OT Threat Detection With runZero, NetRiseAccenture is acquiring a majority stake in Dragos and full ownership of runZero and NetRise in a $4.2 billion deal to build an end-to-end OT cybersecurity platform for power grids, water systems, manufacturing plants and other critical infrastructure operators.

System Translates Detection Rules Across Security PlatformsResearchers developed an AI framework that converts threat detection rules between major SIEM platforms including Splunk, Microsoft Sentinel and QRadar. The system uses LLMs and automated validation steps to preserve detection logic during migrations that often require months of manual work.

Bank Info Security 2 months, 1 week ago

WatchGuard Strengthens Cloud Detection With Perimeters Buy

WatchGuard Aims to Reduce Alert Fatigue Through Telemetry CorrelationWatchGuard acquired SaaS security startup Perimeters to strengthen cloud detection and response capabilities spanning identity threat detection, cloud posture management and shadow IT discovery as enterprises face escalating attacks targeting cloud applications and distributed environments.

Bank Info Security 4 months, 1 week ago

Fig Security Raises $30M to Modernize SOC Infrastructure

Series A Funding Aims to Give Security Teams Visibility Into Complex SecOps StacksFig Security has raised $30 million in Series A funding to help organizations modernize their SOC infrastructure. The startup said CISOs lack visibility into complex SecOps pipelines spanning SIEMs, data lakes and automation tools, which can lead to silent failures that undermine threat detection.

Accel-Led Funding Round Fuels AI-Native Detection and ResponseVega raised $120 million led by Accel to expand its AI-native security operations platform. The funding will boost product development and global go-to-market efforts as enterprises seek faster threat detection, broader analytics and support for complex multi-cloud and on-premises environments.

Accel-Led Funding Round Fuels AI-Native Detection and ResponseVega raised $125 million led by Accel to expand its AI-native security operations platform. The funding will boost product development and global go-to-market efforts as enterprises seek faster threat detection, broader analytics and support for complex multi-cloud and on-premises environments.

Bank Info Security 6 months, 2 weeks ago

Symantec, Carbon Black Unite Under Broadcom

Jason Rolleston: Unified Agent and AI Aim to Boost Midmarket Security CapabilitiesBroadcom's integration of Symantec and Carbon Black promises a unified single-agent framework and AI-enhanced threat detection to help small and midmarket businesses defend against sophisticated cyberthreats with limited resources, said Jason Rolleston.

Cyderes Aims to Fuse Identity, AI and Risk Signals in One Platform With Lucidum BuyCyderes has acquired Lucidum to expand its identity threat detection capabilities. Lucidum’s unique tagging and data integration will strengthen Cyderes' AI engine, enabling earlier detection of threats and human risk-based response by unifying off-SIEM telemetry with identity data.

Bank Info Security 8 months, 3 weeks ago

Salt Typhoon Targets European Telecom

Attack Began With Citrix NetScaler Gateway Compromise, Darktrace SaidThe Chinese cyberespionage hackers commonly tracked as Salt Typhoon haven't stopped their campaign against global telecoms, says managed threat detection firm Darktrace. The group has made telecoms and other digital infrastructure a primary target.

Bank Info Security 9 months, 1 week ago

Kaseya Buys Inky to Expand Email Threat Detection for MSPs

Email Security Acquisition Aims to Bring Cross-Platform Data to Phishing DefenseKaseya’s acquisition of Inky reflects the need for broader platform integration in email security. With phishing attacks becoming more subtle, founder and CEO Dave Baggett says access to login data and other platform signals is critical for threat detection.

Bank Info Security 10 months, 1 week ago

How Mitsubishi-Nozomi Deal Will Boost OT Cyber Capabilities

CMO Mike Plante on Nozomi Expanding Industrial Reach, Operating as Independent UnitJapanese Industrial giant Mitsubishi Electric will acquire San Francisco-based cybersecurity firm Nozomi Networks for $883 million. The two companies aim to fuse industrial data insights with advanced threat detection while keeping Nozomi as an independent brand.

Bank Info Security 10 months, 1 week ago

Shift5 Gets $75M for Cyber Push in Defense and Transit

Startup to Expand Dual-Use Tech, Tackle GPS Jamming Threats With Series C FundingWith a $75 million Series C raise, Shift5 plans to scale its operational intelligence platform across military and commercial transportation. Its focus includes enhanced threat detection, predictive maintenance and data-driven safety measures amid rising cyberthreats to infrastructure.

Bank Info Security 10 months, 2 weeks ago

CrowdStrike Buys Onum for $290M to Boost SIEM Data Ingestion

Buying Spanish Startup Brings Real-Time Data Pipeline Tech to Boost SOC EfficiencyCrowdStrike announced plans to acquire Spanish startup Onum Technology for $290 million. The move brings advanced data pipeline tools into its Falcon platform, speeding up threat detection and consolidating SOC workflows for customers leaving legacy SIEMs.

Bank Info Security 10 months, 3 weeks ago

Ontic Secures $230M to Scale Connected Security Platform

Physical Security Firm Eyes Insider Risk, Federal Growth and AI-Powered AutomationOntic has raised $230 million in Series C funding to expand its connected intelligence platform and pursue new federal and international markets. The Austin, Texas-based company will invest in AI, integrations and data to strengthen cyber-physical threat detection and automation.

Bank Info Security 11 months, 2 weeks ago

Corelight Uses Gen AI to Power Smarter Threat Detection

SaaS Enhancements Aim to Boost Network Detection, Response for Small Security TeamsCorelight’s SaaS platform Investigator is designed to bring scalable network detection and response to smaller security teams. CEO Brian Dye says Gen AI workflows and enriched network context help defenders identify threats faster and with greater confidence than ever.

COO Francis deSouza Explains Google Cloud's Push for Unified Multi-Cloud SecurityCOO Francis deSouza shares insights into Google Cloud’s security priorities as it pursues the $32 billion acquisition of Wiz. He explains the need for seamless multi-cloud protection, the value of Mandiant's threat intelligence, and how AI is changing threat detection and response at scale.

Startup Raises $30M, Uses Risk Intelligence to Preempt Reconnaissance AttacksFormer FireEye and Mandiant leader John Watters unveils iCounter, a new cyber risk intelligence startup focused on targeted attacks and AI-enabled adversaries. Backed by Syn Ventures, the firm aims to transform threat detection with deeper visibility into attacker reconnaissance.

Startup Boosts AI-Driven Detection, MSP Channel Outreach and Hiring With Series BGuardz has secured $56 million to deepen AI-powered threat detection and enhance automation for MSPs. The Series B funding will support platform engineering, channel marketing and operational scaling as Miami-based Guardz targets a simplified and consolidated cybersecurity future.

Context-Driven Insights, Automation Fuel Faster, Clearer Decisions for Cyber TeamsWith its acquisition of San Francisco-based startup Fletch, F5 is embedding agentic AI into its security platform to automate threat detection and response. The technology provides real-time context, filters irrelevant alerts and helps security teams prioritize urgent risks and mitigation tasks.

Loading more headlines...