The Time is Now for Greater Representation at Security Cons
A few times a year, the security community briefly focuses attention on the ridiculously low statistics for women and underrepresented groups in our industry. This is usually prompted by a new report...
Introducing Endgame Red Team Automation
Organizations and practitioners often struggle with a practical way to validate the effectiveness of prevention and detection products, services, or homegrown capabilities. Fortunately, MITRE's...
Indictments, Sanctions, and Broken Promises: Two Active Weeks of U.S. Cyber...
March is known for coming in like a lion and out like a lamb, but that has not been the case in the world of cyber policy. In fact, the U.S. has been extremely active this month in responding to...
Is it Time?: The Case for Replacing Your Endpoint Security Stack
Few would dispute that endpoint protection programs have grown complex, costly to maintain, and struggle to keep up with attacker sophistication. Instead of continuing to add layer after layer of point...
An Introduction to Windows Kernel Debugging
Kernel debugging is a crucial component of kernel mode software development and reverse engineering. It may sound terrifying in the beginning, but kernel debugging is not such a mysterious animal at...
Introducing Ember: An Open Source Classifier and Dataset
Over the last decade, machine learning has achieved truly impressive results in fields such as optical character recognition, image labeling, and speech recognition. Advancements in hardware and...
Endgame Excels in NSS Labs Test, Continuing a Commitment to Transparency
Today NSS Labs announced the results of their second annual 2018 Advanced Endpoint Protection (AEP) Public test. Endgame is proud to be included in this year’s results. Endgame achieved the coveted...
We've Got It Covered: Endgame Presents at BSides Charm
The Endgame research team will be out in force this weekend for BSides Charm in Towson, MD. We’ll present five research projects that cover a broad range of topics, including four open source or...
Lessons Learned from Debugging Python
When developing large-scale backend code, predicting system behavior from an application is crucial for engineers to build a more scalable and stable architecture. Unfortunately, high-level scripting...
Hack Week @ Endgame
Earlier this year, Endgame hosted its annual all-hands meeting, bringing together our team from across the country for internal discussions, technical talks, and social events. This was followed by our...
Toward a Cyber Deterrence Strategy?
Almost a year to the date after the White House cybersecurity executive order, the Department of Homeland Security (DHS) last week released a new Cybersecurity Strategy. The DHS strategy reinforces its...
The ATT&CK Matrix Revolution in Security
Twenty years ago a group of infosec experts testified to Congress on the fragility of digital security. To commemorate that testimony, they returned to Capitol Hill last week with a similar conclusion....
Introducing Event Query Language
Adversarial activity is no longer described purely in terms of static Indicators of Compromise (IOCs). Focusing solely on IOCs leads to detections which are brittle and ineffective at discovering...
What Year Is It? VB6 Payload Crypter
Last year, researchers identified new crimeware, Loki-Bot, which steals data and login credentials. Loki-Bot is generally distributed through malicious spam, and is difficult to identify without...
How We Built Our Automated UI Testing Framework
When I recently joined Endgame as an intern on the Quality Assurance (QA) team, I was tasked to build a reliable and scalable automated UI testing framework that integrates with our manual testing...
The Growing Reach of Anti-Government Hacktivism: Is the World Cup Next?
With seismic events already linked to the men’s World Cup, many wonder what other kinds of activities we may see. Cybersecurity discussions of the World Cup have largely focused on the criminal...
Today's Indictment in Context.....Again
Today’s indictment continues the uptick in the use of indictments to counter cyber attacks and disinformation which, in conjunction with automation, reflect the authoritarian playbook for interference...
Endgame Presents: Hacker Summer Camp 2018
In just a few weeks, the security industry will flock to Las Vegas for Black Hat, DEF CON, and BSides Las Vegas, also known as “Hacker Summer Camp”. It is one of the biggest weeks in security, and...
It Takes AI Village
In early August, security practitioners from around the world will descend upon Las Vegas for a week of talks, demos, and CTFs. The conference lineup of BSides Las Vegas, Black Hat, and DEF CON...
It’s the Endgame for Phishing
With version 3.0 of the Endgame Protection Platform, Endgame has delivered the best prevention against document-based phishing attacks - the execution of malicious documents attached to email or...