Reliably Detecting Pass the Hash Through Event Log Analysis

At BDS we have the unique ability to pull large subsets of data in order to identify abnormal patterns in environments. With our BDS Vision product, the endpoint is one of the easiest ways for us to identify compromises within an organization and we continue to add better detection capabilities every day. One of the […]

Distributed HoneyNets and Understanding Attack Emulation with BDS Vision

One of the cool things about developing a product is designing defensive software that detects what you do as an attacker. Growing up through the offensive mindset gave me a unique perspective on what I need to do to gain access to systems. The concept of honeypots is nothing new and has been around for ages. […]
Announcing Vision 4.0 Platform – Managed EDR Combined with EPP

BDS Vision – Real-Time Detection Software

When I left an amazing job as a Chief Security Officer, my goal was to build a team that changed the industry for the better. I started TrustedSec with the mindset of starting Binary Defense and ultimately continuing to build something special. At TrustedSec, we always found that a company would have a number of […]
Binary Defense Predictions for 2019

Botnet Ransomware will Screengrab your Desktop

Attackers have added another tool to their arsenal, allowing them to screenshot the desktops of infected victims. The Necurs botnet had recently undergone a revival, sending millions of malicious emails spreading the Locky ransomware along with the Trickbot banking Trojan. Necurs can take screenshots and send them back to a remote server while also sending back […]

New Tool Release: GoatRider – OTX, Artillery, and Alexa lookups

During incident response practices, you may need to look up some abnormal activity very quickly. While using feeds such as Artillery and OTX is far from a bulletproof method, these feeds can quickly help identify known C2 or malicious IPs or hostnames. The purpose of GoatRider is to make it simple to look through […]

Tool Update: Auto-OSSEC + MSI Builder

Let’s focus on that last one for a moment. One facet of securing your infrastructure is detecting intrusion. And one of the many tools that can be used to do this is OSSEC. OSSEC is a host intrusion-detection system that leverages agents deployed to workstations and servers. After installing an agent, it is pointed to […]

Tool Release: Auto-OSSEC – automated OSSEC deployment

We often get customers that prefer to use OSSEC as an endpoint detection and FIM agent. Regardless of what SIEM is in place, a lot of them have OSSEC integration. AlienVault in particular also has the ability to fully integrate and control OSSEC agents. Regardless of whether you are using OSSEC on a SIEM, standalone, or another […]

Artillery 1.4 Released – New major features

Binary Defense Systems (BDS) is proud to announce the release of Artillery version 1.4. This version adds several new features. The first is the ability to hook into multiple threat intelligence feeds and incorporate that into the normal banlist threat intelligence feeds from Artillery. The inspiration came from Deep Impact (@DeepImpactIO) and a blog post […]
Threat Intelligence: Cisco Mistakenly Adds Dirty Cow Exploit Code to its Own Software

The ISIS Cyber Security Threat

Many look at ISIS and think only of the campaign of terror they are driving through the Middle East, but what most do not think of is the terror campaign they are waging through cyberspace. Since its inception, ISIS has continually evolved to thrive in current times. ISIS began using relatively old tactics such […]

Artillery version 1.3 released – new features and bug fixes.

Artillery version 1.3 is now released. This version incorporates a number of new features and bug fixes. Most specifically, when it comes to timestamps for events, all events now include timestamp data when logging to remote syslog, local syslog, and file formats. This also includes when starting, stopping, or restarting Artillery. An example of this […]