Security news aggregator

Latest coverage for Threat Detection

Threat detection identifies suspicious activity early, limiting attacker dwell time and damage when logs, alerts, and response procedures are maintained.

143 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Threat detection is the defensive process of finding signs that an attacker may be present or attempting to gain access. In a threat model, it is a monitoring control that uses endpoint, identity, network, application, and cloud telemetry—often enriched with threat intelligence—to identify suspicious behavior, such as credential misuse, unexpected privilege changes, or lateral movement. Its purpose is to reduce the time an attacker can operate and limit the scope of an incident; missing logs, evasive activity, and unmonitored assets can leave important attacks unseen.

The most relevant practice is to design detections around credible attack paths and the organization’s highest-value systems, then protect and retain the logs needed to investigate them. Detections should be tested against realistic activity, tuned to reduce false positives, and linked to clear triage and containment actions. Alert volume, poor data quality, or unvalidated rules can overwhelm analysts and delay response, so coverage and detection effectiveness should be reviewed as systems and attacker behavior change.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 143 Filtered view

Startup Maps Detections Against MITRE ATT&CK and Recommends Missing ProtectionsCribl acquired Boston-based detection engineering startup CardinalOps to help organizations continuously measure MITRE ATT&CK coverage, automate TTP-based detections across SIEM platforms and move behavioral threat detection closer to the telemetry pipeline.

Bank Info Security 4 weeks, 1 day ago

Accenture Buys Majority Stake in Dragos in $4.2B Deal

Deal Combines Dragos OT Threat Detection With runZero, NetRiseAccenture is acquiring a majority stake in Dragos and full ownership of runZero and NetRise in a $4.2 billion deal to build an end-to-end OT cybersecurity platform for power grids, water systems, manufacturing plants and other critical infrastructure operators.

Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by January 2026 it had already generated a dozen […]

System Translates Detection Rules Across Security PlatformsResearchers developed an AI framework that converts threat detection rules between major SIEM platforms including Splunk, Microsoft Sentinel and QRadar. The system uses LLMs and automated validation steps to preserve detection logic during migrations that often require months of manual work.

Bank Info Security 2 months, 1 week ago

WatchGuard Strengthens Cloud Detection With Perimeters Buy

WatchGuard Aims to Reduce Alert Fatigue Through Telemetry CorrelationWatchGuard acquired SaaS security startup Perimeters to strengthen cloud detection and response capabilities spanning identity threat detection, cloud posture management and shadow IT discovery as enterprises face escalating attacks targeting cloud applications and distributed environments.

Bank Info Security 4 months, 1 week ago

Fig Security Raises $30M to Modernize SOC Infrastructure

Series A Funding Aims to Give Security Teams Visibility Into Complex SecOps StacksFig Security has raised $30 million in Series A funding to help organizations modernize their SOC infrastructure. The startup said CISOs lack visibility into complex SecOps pipelines spanning SIEMs, data lakes and automation tools, which can lead to silent failures that undermine threat detection.

Accel-Led Funding Round Fuels AI-Native Detection and ResponseVega raised $120 million led by Accel to expand its AI-native security operations platform. The funding will boost product development and global go-to-market efforts as enterprises seek faster threat detection, broader analytics and support for complex multi-cloud and on-premises environments.

Accel-Led Funding Round Fuels AI-Native Detection and ResponseVega raised $125 million led by Accel to expand its AI-native security operations platform. The funding will boost product development and global go-to-market efforts as enterprises seek faster threat detection, broader analytics and support for complex multi-cloud and on-premises environments.

As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically

Bank Info Security 6 months, 2 weeks ago

Symantec, Carbon Black Unite Under Broadcom

Jason Rolleston: Unified Agent and AI Aim to Boost Midmarket Security CapabilitiesBroadcom's integration of Symantec and Carbon Black promises a unified single-agent framework and AI-enhanced threat detection to help small and midmarket businesses defend against sophisticated cyberthreats with limited resources, said Jason Rolleston.

Loading more headlines...