These blog posts and articles discuss the latest artificial intelligence trends and platform enhancements.

ElevateIT Phoenix Technology Summit 2024

ElevateIT provides a one-stop, all-inclusive experience which brings IT & IS practitioners together with experts and thought leaders throughout the country.

This premier conference brings together technology leaders, professionals, and enthusiasts to discuss emerging trends, best practices, and innovative solutions across various topics including cloud computing, cybersecurity, data analytics, and more. With engaging keynotes, panel discussions, interactive sessions, and networking opportunities, attendees can connect with industry experts, gain valuable insights, and explore the latest technology solutions and services from leading vendors.

Whether you’re a technology leader, professional, or enthusiast, this summit offers a chance to stay informed and enhance skills in the ever-evolving tech landscape.

Date: March 13, 2024
Location: Phoenix Convention Center, Phoenix, AZ
Booth: #501
Sponsorship Level: Breakout / Conference Exhibitors Sponsor

Speaking Session

Lessons Learned for Securing M365

Speaker: Jordan Gackowski, Senior Systems Engineer at Adlumin
Date: March 13, 2024
Time: 11 AM – 12 PM
Location: Tech Theater 3

Jordan works with customers every day to help monitor and secure their environments. Approximately 80% of his customers use M365, Hybrid, or some variation of those. In this talk, he will highlight and discuss some best practices and common configuration errors seen on a daily basis and help you address some potential risks to securing your M365 environment. If you don’t use M365, that’s ok! These concepts also apply to other platforms like Google Workspace and others.


KB4-CON 2024: Securing the Future: AI and the Human Layer

Come visit Adlumin at KB4-CON 2024: Securing the Future: AI and the Human Layer.

Hear from Adlumin’s Mark Sangster, VP, Chief of Strategy, on Monday, March 4th from 2-2:45 PM during his speaking session, “Cyber Rosetta Stone: Using Tabletops to Engage Executives in the Cyber Risk Conversation.”

KnowBe4’s premier annual conference unites customers, channel partners, security advocates, keynote speakers, and industry experts. Featuring a blend of in-depth product sessions and cutting-edge security presentations, attendees gain actionable insights to immediately implement in their organizations.

Dates: March 4-6 2024
Location: Orlando, FL

Speaking Session

Cyber Rosetta Stone: Using Tabletops to Engage Executives in the Cyber Risk Conversation

Speaker: Mark Sangster, VP, Chief of Strategy at Adlumin
Date: March 4, 2024
Time: 2:00 PM – 2:45 PM

The biggest barrier to the cyber risk discussion is the language we use to talk about cybersecurity. Tabletop exercises, when done right, can be the Rosetta stone needed to translate the ones and zeros of security to the dollar and cents of financial and reputational losses. Join cybersecurity author and expert, Mark Sangster, as he identifies the pitfalls of tabletops, and builds a simple framework to bring executives and security leaders to the table to collaborate, reduce business risk, and prepare for an inevitable cyber incident.


The Ultimate Guide to Using Cybersecurity AI

The rise of artificial intelligence (AI) has significantly altered the way IT security experts approach cybersecurity. Our new guide outlines the benefits of integrating AI into your cybersecurity plan and showcases four stages of AI advancements in cybersecurity. It provides organizations with useful information on Adlumin’s recommendations for responsible AI integration.

Penetration Testing as a Service vs. PenTesting

By: Brittany Holmes, Corporate Communications Manager 

Penetration testing is a vital part of cybersecurity strategies for organizations, helping them identify vulnerabilities in their systems, networks, and applications. Organizations have relied on traditional penetration testing methods, where a team of experts conducts the tests on-site. However, with the rise of technology and cloud-based services, a new approach has emerged – Penetration Testing as a Service or PTaaS.   

This blog discusses the differences between conventional penetration testing and penetration testing as a service, comparing each method. By understanding the differences, organizations can make informed decisions when choosing the right approach for their security needs. 

What is Penetration Testing as a Service (PTaaS)? And how is it different? 

Penetration testing as a service is a revolutionary cybersecurity approach that is gaining popularity. Unlike traditional penetration testing methods, penetration testing as a service takes advantage of the cloud and offers on-demand accessibility, making the entire process more efficient and seamless.  

With penetration testing as a service, organizations can securely access the testing platform through the cloud, eliminating the need for manual setup and configuration of testing environments. This significantly speeds up the testing process and allows for greater scalability since the necessary resources can be easily allocated as needed. 

Additionally, penetration testing as a service employs automation and machine learning technologies to enhance the testing process. These technologies can assist with scanning for vulnerabilities, analyzing results, and even suggesting remediation steps. As a result, it can offer more accurate and comprehensive testing, saving time and effort for organizations. 

To further investigate what solution is best for your organization, let’s explore the differences:  

Who conducts the penetration test? 

Penetration Testing:  

Penetration tests are typically conducted by specialized cybersecurity professionals known as ethical hackers or penetration testers. These individuals have extensive knowledge and experience in identifying and exploiting security vulnerabilities. They follow a systematic approach to test the effectiveness of an organization’s security controls and identify areas where improvements are needed.  

Penetration Testing as a Service: 

Many organizations choose to engage external penetration testing services provided by third-party services, such as Managed Detection and Response (MDR) providers. These providers have specialized expertise and access to advanced tools and techniques that can comprehensively assess an organization’s security posture.

How long does a penetration test take? 

Penetration Testing:  

The duration of a penetration test can vary depending on the availability of resources and information, the test’s scope, or the target system’s complexity. On average, a penetration test can take anywhere from a few days to several weeks to complete.   

Penetration Testing as a Service:

With penetration testing as a service, tests are run at your convenience or whenever your team wants to schedule them. Moving penetration tests to ‘as a service’ eliminates the need for someone to manually set up pen tests. Instead, they can be scheduled to run on a regular basis or when you want, allowing for consistent assessments and updates. This means the duration can be longer than a one-time conventional test, but it provides more comprehensive and up-to-date security coverage.

Will there be communication between an organization and the penetration testers? 

Penetration Testing:

During a penetration test, the communication between the penetration testers and the internal team can vary based on the policies and procedures of the organization. In some cases, there may be little to no interaction between the two groups, with the penetration testers working independently and providing updates only to a designated point of contact, such as a project manager. 

Penetration Testing as a Service: 

Two options are offered: the organization runs the tests independently, or an MDR provider manages the tests through a Progressive Penetration Testing Program.

Utilizing an MDR provider allows for seamless and direct communication between internal teams and penetration testers throughout the project, resulting in a more streamlined process. By eliminating unnecessary mediators, the exchange of information becomes more efficient and effective. 

The close collaboration enables any friction or misunderstanding to be promptly addressed, clarified, and resolved during the penetration test. This not only ensures a smoother workflow but also allows for quicker resolution of any issues. 

Additionally, it provides a valuable opportunity for the organization’s employees to enhance their skills by working alongside penetration testers. By actively participating in the penetration testing process, they can gain valuable insights and knowledge, ultimately improving their capabilities in cybersecurity. 

When can I see the results? 

Penetration Testing:  

One of the significant limitations of traditional penetration tests is the delayed communication of results. Typically, the findings are only conveyed at the end of the tests. Consequently, potentially crucial vulnerabilities may remain unaddressed for extended periods, ranging from days to even weeks. 

Penetration Testing as a Service:   

When a penetration tester detects a vulnerability, the platform immediately notifies the organization. This real-time alert allows internal teams to address the issue promptly, even before the penetration test is complete. Organizations can deploy patches and test them against cybercriminals without the need for another round of testing.  

This continuous reporting system, coupled with the ability to collaborate with penetration testers, enables the organization’s IT team to gain valuable insights into the remediation of vulnerabilities. 

Penetration Testing as a Service vs. PenTesting 

Penetration testing as a service offers organizations an affordable and convenient solution for assessing their cybersecurity vulnerabilities. Organizations can quickly identify and mitigate potential threats with on-demand access to human-led penetration testing combined with automation. It also provides continuous monitoring and real-time reports for faster resolution. This approach ensures higher accuracy and data analytics and makes penetration testing more accessible and cost-effective compared to traditional methods. By illuminating potential risks, penetration testing as a service enables organizations to adopt effective defenses and enhance their security posture. 

Ultimately, the choice between penetration testing and penetration testing as a service depends on an organization’s unique needs and financial resources. Traditional penetration testing may be ideal for certain tasks, but it is crucial to assess the areas where assistance is needed and select the most appropriate option to meet the organization’s security requirements. 


N-able Empower Conference

Join Adlumin during the N-able Empower Conference for three days of tailored experiences designed to inspire transformation and foster innovation.

  • Executive Leadership: Navigate unique challenges faced by leaders seeking to enhance enterprise value for their organizations. Topics cover defining and measuring success, differentiating strategies employed by the best, identifying emerging market opportunities, optimizing go-to-market models, leveraging growth levers, and effective team building.
  • Service Managers & Operations: Delve into issues pertinent to those shaping service packages and ensuring top-notch delivery. Topics include exploring market opportunities, learning from industry leaders, and addressing staffing considerations during scaling.
  • Technicians: Deepen your understanding and utilization of key technologies and products to achieve best-in-class performance. Topics cover in-depth exploration of key use cases, staying abreast of emerging technologies such as RPA and AI, and strategies for adding value to your organization.
  • Sales & Business Development Professionals: Challenge conventional wisdom to boost revenue and foster growth. Topics include innovative approaches employed by top MSPs to drive growth, effective measurement of success, and insights into building a successful sales team.

Dates: March 25-28, 2024
Location: Omni PGA Frisco Resort, Frisco, TX


Revolutionizing Cybersecurity: The AI Advantage

Event details:

Thursday, January 18, 2024
1:00 PM EST


Mark Sangster, Chief of Strategy at Adlumin

About this talk:

Artificial Intelligence (AI) isn’t new, but learning how we can harness it is constantly evolving. Explore the cybersecurity transformation with our upcoming webinar, where we uncover the adoption of AI in cybersecurity products. Hear how security providers embrace AI to fortify their defenses and elevate analyst capabilities.

During the session, you’ll learn how to grow your cybersecurity program, including:

  • How the surge in machine learning usage is reshaping cybersecurity
  • Ways to incorporate AI across detection, investigation, and incident response strategies
  • Why the incorporation of a human element is still required when applying AI

As a thank you for joining our webinar, we’ll send you the Winter Threat Report. Additionally – one lucky participant will receive a $200 Amazon gift card.

Embracing AI in Cybersecurity: The Ultimate Resource Round-Up

By: Brittany Holmes, Corporate Communications Manager 

As we move into the new year and reflect on 2023, we have learned the stakes for cybersecurity have reached unprecedented heights. Cyber threats continue to grow in complexity, leaving organizations and individuals vulnerable to data breaches, ransomware attacks, and increasingly sophisticated cyberattacks. Artificial Intelligence (AI) has emerged and risen as a powerful ally in the fight against threats and adversaries.

In this blog post, we’ll explore the current state of AI in cybersecurity as of 2023 and provide Adlumin’s AI round-up of resources to help equip you for the upcoming year. 

AI in Cybersecurity 

AI in cybersecurity has become integral to protecting modern digital systems this past year. Machine learning algorithms analyze and identify patterns in vast amounts of data, enabling organizations to efficiently detect and mitigate potential cyber threats.  

Cybercriminals leverage AI to sabotage defenses and accelerate the development of their tactics and tools, such as phishing lures. AI can even lie dormant in the hands of an advanced persistent threat (APT) that is playing a long game, deployed as an AI mole in the halls of government or in the defense industry.

To learn more, read ‘The Intersection of AI and Cybersecurity: A Closer Look.’

Making Cybersecurity Faster and Smarter 

The concept of automation often blends into the artificial intelligence (AI) world, where AI makes decisions based on a number of technologies and learned variables. In principle, automation also makes these same types of decisions, but it’s based on rules and patterns. Nonetheless, in cybersecurity, automation is only as smart as we make it. The cyber-world is colossal, and different teams and operations can all use automation in different ways. 

To learn more about automation in a Security Operation Center (SOC) and the pros and cons of automation used in cybersecurity, read ‘How Automation Makes Cybersecurity Faster and Smarter: The Pros and Cons.’ 

AI is Used to Detect Lateral Movement 

Adlumin’s Data Science team constantly develops more robust and holistic solutions for automated defense against network intrusion and data exfiltration. Adlumin recently flagged lateral movement incidents on a customer’s network. The detection was achieved via an AI algorithm designed to aggregate suspicious incidents until they collectively project a high-fidelity threat signal. This prevented further compromise of valuable resources, and Adlumin detection response teams advised the client on remedial action.  

Learn more about how Adlumin’s AI detected and remediated this incident in ‘How AI is Used to Detect Lateral Movement.’

Current, Upcoming, and Future AI Technology   

At Adlumin, we develop AI applications for cyber defense, bringing specific techniques to bear. The central challenge for AI in cyber applications is to find “needle in haystack” anomalies from billions of data points that mostly appear indistinguishable. The applications in this domain are usefully grouped under the term User and Entity Behavior Analytics, involving mathematical baselining of users and devices on a computer network followed by machine-identification of suspicious deviations from baseline. 

Organizations need to build a cybersecurity infrastructure embracing the power of AI, deep learning, and machine learning to handle the scale of analysis and data. AI has emerged as a required technology for cybersecurity teams to scale and protect the complex attack surfaces of organizations. So, when evaluating security operations platforms, organizations need to know how AI can help identify, prioritize risk, and help instantly spot intrusions before they start.  

Learn more about suggested AI solutions to integrate into your cybersecurity plan, AI risks, and pitfalls in ‘Unraveling Cyber Defense Model Secrets: The Future of AI in Cybersecurity.’

Embracing AI in Cybersecurity 

The AI round-up of resources highlights the significant role that artificial intelligence, deep learning, and machine learning techniques play in protecting organizations from the evolving landscape of cybersecurity threats. With the increasing complexity and sophistication of these threats, it is crucial for organizations to leverage powerful AI algorithms to analyze vast amounts of data and identify potential security breaches.   

By embracing automation and integrating AI into their cybersecurity strategies, organizations can enhance their security operations, making them faster, smarter, and more effective in detecting and mitigating cyber threats. This collection of resources provides valuable insights and tools to help organizations build a robust cybersecurity infrastructure that can stay ahead of cybercriminals and safeguard their data and systems in the years to come. 

Enhance Your Team 

The chase to stay ahead of threats is not slowing down. Gain valuable insights into the future of threat detection and response with the latest Gartner report on emerging tech.

Learn how AI can enhance your team’s capabilities and shine a bright light on hidden risks.  

CUInsight: 3 Questions with Adlumin's Jessvin Thomas

In this podcast interview, CUInsight Publisher & CEO Lauren Culp engages in a discussion with Jessvin Thomas, Chief Product Officer at Adlumin, specifically focusing on crucial aspects of technology and cybersecurity. The conversation unfolds through three key questions:

  1. Exploring the recent buzz surrounding Generative AI and ChatGPT, Thomas shares insights on its relevance. He discusses the potential benefits credit unions can derive from these technologies and highlights crucial risks that should be on their radar.
  2. Addressing the impact of Citrix Bleed and third-party outages on credit unions, Thomas draws lessons from these experiences. The interview aims to provide valuable insights for credit union professionals navigating challenges related to cybersecurity and operational disruptions.
  3. Adding a personal touch to the interview, Culp asks Thomas for a book recommendation that might interest listeners. This segment offers a glimpse into Thomas’s literary preferences and provides the audience with a non-technical perspective.

Listen now to explore further into the discussed topics and learn more about Adlumin.

Unraveling Cyber Defense Model Secrets: Machine Learned Detections

By: Jeet Dutta, Director of Data Science 

Welcome to the Unraveling Cyber Defense Model Secrets series, where we shine a light on Adlumin’s Data Science team, explore the team’s latest detections, and learn how to navigate the cyberattack landscape. This blog examines how Adlumin Data Science implements automated surveillance against network intrusion and data exfiltration, empowering our incident response teams to track and eliminate threats in four different ways.

The key motivation for Artificial Intelligence in cybersecurity is to find “needle in haystack” anomalies from billions of data points that appear indistinguishable. These applications are usefully grouped under the term UEBA (User and Entity Behavior Analytics), involving mathematical baselining of users and devices on a network followed by machine-identification of suspicious deviations.

Let’s take a look at the innovations and threat alerts in the works. 

Lateral Movement

The Adlumin platform has long featured an AI detection for lateral movement based on deviance from the UEBA baseline of daily access for any account in the network. A separate AI algorithm, developed subsequently to boost fidelity in lateral movement alerts, identifies anomalous logons among Windows users by aggregating events that don’t belong in a machine-defined context for combinations of users, hosts, logon types, and access timestamps. Collectively, the two independently developed algorithms project a high-fidelity threat signal.

The latest round of updates, soon to roll out to our lateral movement detection framework, will include data filtering and real-time scoring. Applying domain knowledge to filter out logon events unlikely to originate from a threat actor will further boost fidelity. Scoring events as they are ingested into the platform, made possible via innovations in our cloud architecture, will go a long way to improve the timeliness of the alert.
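A minimal sketch of the aggregation idea described in this section, added here as an illustration and not Adlumin’s algorithm or code: it baselines each account’s hosts, Windows logon types, and time-of-day buckets, scores new logons by how rarely that context appears in the baseline, and alerts only when a user’s anomalous logons for a day add up past a threshold. The sample events, the filtered logon types, the scoring formula, and both thresholds are assumptions chosen for the example.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Assumption: service (5) and unlock (7) logons are treated as unlikely to
# originate from a threat actor and are filtered out before scoring.
IGNORED_LOGON_TYPES = {5, 7}
EVENT_FLOOR = 0.5      # assumed: events scoring below this are not aggregated
ALERT_THRESHOLD = 2.0  # assumed: per-user daily total that raises an alert


def hour_bucket(ts):
    """Coarse time-of-day context: 0 = 00-05h, 1 = 06-11h, 2 = 12-17h, 3 = 18-23h."""
    return ts.hour // 6


def build_baseline(events):
    """Count how often each user appears with each host, logon type and time bucket."""
    baseline = defaultdict(lambda: {"n": 0, "host": Counter(),
                                    "type": Counter(), "bucket": Counter()})
    for ts, user, host, ltype in events:
        if ltype in IGNORED_LOGON_TYPES:
            continue
        b = baseline[user]
        b["n"] += 1
        b["host"][host] += 1
        b["type"][ltype] += 1
        b["bucket"][hour_bucket(ts)] += 1
    return baseline


def event_score(baseline, event):
    """Mean rarity (0 = always seen, 1 = never seen) of the event's context."""
    ts, user, host, ltype = event
    b = baseline.get(user)
    if b is None or b["n"] == 0:
        return 1.0  # no history for this account: maximally unusual
    n = b["n"]
    rarity = (1 - b["host"][host] / n,
              1 - b["type"][ltype] / n,
              1 - b["bucket"][hour_bucket(ts)] / n)
    return sum(rarity) / len(rarity)


def aggregate_alerts(baseline, events):
    """Sum unusual-event scores per (user, day); alert only above the threshold."""
    totals, evidence = defaultdict(float), defaultdict(list)
    for event in events:
        ts, user, host, ltype = event
        if ltype in IGNORED_LOGON_TYPES:
            continue
        score = event_score(baseline, event)
        if score >= EVENT_FLOOR:
            key = (user, ts.date())
            totals[key] += score
            evidence[key].append((host, ltype, round(score, 2)))
    return {key: {"score": round(total, 2), "events": evidence[key]}
            for key, total in totals.items() if total >= ALERT_THRESHOLD}


def constructed_history():
    """Constructed sample: 20 days of routine logons (timestamp, user, host, type)."""
    rows = []
    for d in range(20):
        day = datetime(2024, 1, 1) + timedelta(days=d)
        rows.append((day.replace(hour=9), "alice", "WS-ALICE", 2))
        rows.append((day.replace(hour=10), "alice", "FILE01", 3))
        rows.append((day.replace(hour=9), "bob", "WS-BOB", 2))
        rows.append((day.replace(hour=3), "svc_backup", "BKP01", 5))
    return rows


HISTORY = constructed_history()
TODAY = [  # constructed sample events for the day being scored
    (datetime(2024, 1, 22, 9, 5), "alice", "WS-ALICE", 2),    # routine
    (datetime(2024, 1, 22, 2, 10), "alice", "DC01", 10),      # new host, RDP, night
    (datetime(2024, 1, 22, 2, 25), "alice", "SQL02", 3),      # new host, night
    (datetime(2024, 1, 22, 2, 40), "alice", "HR-FS", 3),      # new host, night
    (datetime(2024, 1, 22, 14, 0), "bob", "PRINT01", 3),      # one-off oddity
    (datetime(2024, 1, 22, 3, 0), "svc_backup", "BKP01", 5),  # filtered out
]

if __name__ == "__main__":
    for key, alert in aggregate_alerts(build_baseline(HISTORY), TODAY).items():
        print(key, alert)
```

In this constructed data, bob’s single unusual logon stays below the alert threshold on its own, while alice’s three off-hours logons to new hosts accumulate into one alert.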

Malicious Scheduled Task 

After compromising a privileged account, authenticated threat actors can abuse the Windows Task Scheduler for running malware. Adlumin Data Science will soon deploy a defense against this vulnerability by stringing a sequence of neural networks for isolating process execution anomalies and applying subsequent checks for known indicators of compromise. These checks include verifying whether the binary hash being called by the scheduler has a history of malware delivery.

Malicious Script Block

Adlumin provides automated detection of malicious PowerShell executions via an AI algorithm that matches each executed command in a customer network against a huge dataset of benign commands, performing string-matching calculations at scale. Script Block executions are excluded, however, being too large for feasible string matching. Adlumin Data Science is developing an anomalous Script Block detection capability via rule-based filtering and ensemble machine learning methods.

AI Code Analysis

The malicious PowerShell alert often requires intense and lengthy post-detection incident response from our security analysts, who go through the code in each flagged command. A breakthrough innovation we recently deployed leverages the power of ChatGPT to do the initial heavy lifting. Adlumin data scientists have prompt engineered a new feature that obtains an explanation from GPT4 (the most advanced GPT model) for the command initially flagged as anomalous under our proprietary AI model. This results in the delivery to our customer portal of a step-by-step explanation of the command code and an independent determination of whether it is malicious, benign, or questionable.

Experience The Innovations 

In an era where cybersecurity threats are continuously advancing, organizations need enhanced visibility to stay ahead of emerging threats. It is crucial for them to have modern solutions in place to detect and respond to security incidents efficiently, ultimately enhancing their security maturity.

At Adlumin, we understand the vital role of visibility in cybersecurity solutions and offer a tailored Security Operations Platform and MDR services to provide organizations with a 360 view of their IT landscape. But we don’t stop there. We believe in the power of experience, so we invite you to take a platform tour, giving you firsthand access to our solution’s benefits.

Discover how our platform empowers your team to effectively detect and respond to threats by scheduling a demo or signing up for a free trial today. Take the tour and elevate your organization’s visibility to new heights.