{"id":6392,"date":"2020-10-13T22:36:27","date_gmt":"2020-10-13T21:36:27","guid":{"rendered":"https:\/\/www.n-able.com\/?p=6392"},"modified":"2025-06-25T15:58:15","modified_gmt":"2025-06-25T14:58:15","slug":"ncsam-detecting-latest-cyberthreats","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats","title":{"rendered":"NCSAM: Detecting the Latest Cyberthreats"},"content":{"rendered":"<p>Last week, we talked about preparing your customer environments and helping prevent threats from even reaching devices or accounts in the first place. You need this solid foundation to keep customers safe.<\/p>\n<p>But security isn\u2019t static. A decade ago, you may have been able to just put up a firewall and use AV alone, then call it a day. Viruses were typically just nuisances, rather than major (potentially company-annihilating) risks. But those days are long gone, and prevention can\u2019t stop it all.<\/p>\n<p>To protect your customers, particularly with so many SMBs falling in the crosshairs of today\u2019s cybercriminals, IT providers need to have good methods of detecting attacks. While the first step on preparation and prevention was about putting locks on the doors, today\u2019s focus is on the alarm system in the house. Today, we\u2019ll talk about threat detection.<\/p>\n<p><em>(Missed phase one? Check out last week\u2019s post on preparing and preventing\u00a0<a href=\"https:\/\/www.n-able.com\/blog\/NCSAM-2020-are-you-prepared\" target=\"_blank\" rel=\"noopener\">here<\/a>).\u00a0<\/em><\/p>\n<h2 class=\"h3\">Detecting today\u2019s threats<\/h2>\n<p>As mentioned, some threats will slip past preventive technologies. You need to catch them fast to protect your customers. Cybercriminals evolve often, using evasion tactics like malware obfuscation and fileless attacks to slip past traditional technologies. Today\u2019s security stack needs to account for this while also remaining guarded against the old standards.<\/p>\n<p>Here\u2019s what can help at this stage:<\/p>\n<h3 class=\"h4\">ENDPOINT PROTECTION<\/h3>\n<p>As workers increasingly work remotely, having strong endpoint protection on devices becomes more important than ever. Traditionally, this role was filled by antivirus (AV) solutions that scanned for viruses on a set schedule based on virus signatures. While this may work for lower-risk employees without access to a lot of sensitive data, higher risk users (and organizations) may need to opt for an endpoint detection and response (EDR) solution like SolarWinds<sup>\u00ae<\/sup>\u00a0EDR. These protect more than just viruses by using machine learning to discover abnormal behavior on a machine, then determining an appropriate response. For example, if the EDR solution detects mass file deletion, it can flag that to the administrator as a sign of a potential attack even if the attack didn\u2019t start with a piece of malware.<\/p>\n<p>As cybercriminals increasingly work to evade antivirus scanners with techniques like remote fileless attacks or weaponized documents that launch scripts, an EDR solution provides a wider protection net against these threats to the endpoint. Plus, as we\u2019ll talk about in our next blog, they can be helpful for responding quickly as well. It\u2019s worth noting there\u2019s still a place for antivirus\u2014some lower-risk users can use AV, relying on time-based signature scans, and still get by just fine. But when more complete protection is in order, you\u2019ll want an\u00a0<a href=\"https:\/\/www.solarwindsmsp.com\/products\/n-central\/use-cases\/edr-solutions?promo=blog\" target=\"_blank\" rel=\"noopener\">EDR solution<\/a>\u00a0that can operate around the clock to protect the endpoint from threats.<\/p>\n<h3 class=\"h4\">NETWORK MONITORING AND PROTECTION<\/h3>\n<p>While EDR solutions protect the endpoint, you\u2019ll still want to monitor the corporate network and resources for additional threats. Ideally, a security information and event management (SIEM) tool would be best, but not everyone has the in-house expertise and capabilities to man the stations all the time. At a minimum, consider including a next-generation firewall on important networks. These often include enhanced protection against network threats, including <a href=\"https:\/\/www.n-able.com\/cyber-encyclopedia\/what-is-an-intrusion-prevention-system-ips\"  data-wpil-monitor-id=\"58\">intrusion prevention systems<\/a> and the ability to catch malware.<\/p>\n<h3 class=\"h4\">EMAIL PROTECTION<\/h3>\n<p>When the pandemic first started, we saw an uptick in\u00a0<a href=\"https:\/\/www.solarwindsmsp.com\/products\/mail\/use-cases\/spear-phishing-prevention?promo=blog\" target=\"_blank\" rel=\"noopener\">phishing schemes<\/a>. Email schemes can be one of the easier ways for malicious actors to attack a victim. They can use email to deliver malicious files that compromise the end user\u2019s machine or they might try to use a phishing scheme to steal peoples\u2019 usernames and passwords. During times of uncertainty, people can become even more prone to falling victim to a well-crafted, believable email threat. That\u2019s why it\u2019s so important to use strong\u00a0<a href=\"https:\/\/www.solarwindsmsp.com\/products\/mail\/use-cases\/email-filtering?promo=blog\" target=\"_blank\" rel=\"noopener\">email filtering<\/a>\u00a0to detect these threats and quarantine them before they ever reach the eyes of an end user.<\/p>\n<p>Most email solutions offer some anti-spam protection, but adding additional email security is paramount to prevent the deluge of email threats facing businesses today. SolarWinds Mail Assure, for example, uses collective intelligence from the entire userbase as well as threat intelligence feeds to detect even new, emerging threats as they arise. This offers a huge benefit\u2014rather than protecting against threats that your customers\u2019 primary email solutions find, it\u00a0<a href=\"https:\/\/www.solarwindsmsp.com\/products\/mail\/use-cases\/email-threat-protection?promo=blog\">protects against threats<\/a>\u00a0found across users of\u00a0<em>multiple<\/em>\u00a0email providers. With a wider breadth of data to pull from, you can protect your customers against even emerging email threats.<\/p>\n<h3 class=\"h4\"><a href=\"https:\/\/www.solarwindsmsp.com\/products\/n-central\/use-cases\/patch-management-tool-msp?promo=blog\" target=\"_blank\" rel=\"noopener\">PATCH MANAGEMENT<\/a><\/h3>\n<p>We mentioned patch management as part of the prepare and prevent section and won\u2019t go into detail here. However, it\u2019s worth noting that there\u2019s an element of detective security here as well\u2014you need to consistently scan to detect any unpatched systems and update them accordingly, particularly with security updates.<\/p>\n<h3 class=\"h4\"><a href=\"https:\/\/www.solarwindsmsp.com\/products\/rmm\/use-cases\/msp-remote-monitoring-software?promo=blog\" target=\"_blank\" rel=\"noopener\">RMM TOOLS<\/a><\/h3>\n<p>Finally, you\u2019ll need a remote monitoring and management solution. For starters, a good RMM tool like SolarWinds\u00a0RMM will allow you to manage security for multiple distributed customers from a single dashboard. Time is of the essence in security, so having all your tools in one area allows you to detect threats and respond to them more quickly.<\/p>\n<h2 class=\"h3\">Catching today\u2019s threats<\/h2>\n<p>Today, we talked quite a bit about detection technologies for security. Once you\u2019ve built a solid foundation with the preventive layers, you still need to have your alarm system to alert you to threats that slip past the first few layers. If you follow the steps laid out here, you\u2019ll be able to find those threats before they can wreak havoc across your userbase.<\/p>\n<p><b>Next week, we\u2019ll talk about what to do once you discover a threat. But between now and then, take a deep dive into the types of threats EDR solutions can solve by reading our eBook,\u00a0<\/b><a href=\"https:\/\/www.solarwindsmsp.com\/resources\/eb-five-cyberthreats-slip-past-traditional-antivirus\" target=\"_blank\" rel=\"noopener\"><b>Five Cyberthreats that Slip Past Traditional Antivirus<\/b><\/a><b>.\u00a0<\/b><\/p>\n","protected":false},"excerpt":{"rendered":"<p>To protect your customers, particularly with so many SMBs falling in the crosshairs of today\u2019s cybercriminals, IT providers need to have good methods of detecting attacks.<\/p>\n","protected":false},"author":24,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-6392","post","type-post","status-publish","format-standard","hentry","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>NCSAM: Detecting the Latest Cyberthreats - N-able<\/title>\n<meta name=\"description\" content=\"To protect your customers, particularly with so many SMBs falling in the crosshairs of today\u2019s cybercriminals, IT providers need to have good methods of detecting attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NCSAM: Detecting the Latest Cyberthreats - N-able\" \/>\n<meta property=\"og:description\" content=\"To protect your customers, particularly with so many SMBs falling in the crosshairs of today\u2019s cybercriminals, IT providers need to have good methods of detecting attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-13T21:36:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-25T14:58:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"N-able\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"N-able\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"5\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats\"},\"author\":{\"name\":\"N-able\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\"},\"headline\":\"NCSAM: Detecting the Latest Cyberthreats\",\"datePublished\":\"2020-10-13T22:36:27+01:00\",\"dateModified\":\"2025-06-25T14:58:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats\"},\"wordCount\":983,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"articleSection\":[\"Security\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats\",\"url\":\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats\",\"name\":\"NCSAM: Detecting the Latest Cyberthreats - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de#website\"},\"datePublished\":\"2020-10-13T22:36:27+01:00\",\"dateModified\":\"2025-06-25T14:58:15+00:00\",\"description\":\"To protect your customers, particularly with so many SMBs falling in the crosshairs of today\u2019s cybercriminals, IT providers need to have good methods of detecting attacks.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/de\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NCSAM: Detecting the Latest Cyberthreats\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/de#website\",\"url\":\"https:\/\/www.n-able.com\/de\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/de?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/de#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/de\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b\",\"name\":\"N-able\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g\",\"caption\":\"N-able\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"NCSAM: Detecting the Latest Cyberthreats - N-able","description":"To protect your customers, particularly with so many SMBs falling in the crosshairs of today\u2019s cybercriminals, IT providers need to have good methods of detecting attacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats","og_locale":"de_DE","og_type":"article","og_title":"NCSAM: Detecting the Latest Cyberthreats - N-able","og_description":"To protect your customers, particularly with so many SMBs falling in the crosshairs of today\u2019s cybercriminals, IT providers need to have good methods of detecting attacks.","og_url":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-10-13T21:36:27+00:00","article_modified_time":"2025-06-25T14:58:15+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"N-able","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Verfasst von":"N-able","Gesch\u00e4tzte Lesezeit":"5\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats"},"author":{"name":"N-able","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b"},"headline":"NCSAM: Detecting the Latest Cyberthreats","datePublished":"2020-10-13T22:36:27+01:00","dateModified":"2025-06-25T14:58:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats"},"wordCount":983,"publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"articleSection":["Security"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats","url":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats","name":"NCSAM: Detecting the Latest Cyberthreats - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/de#website"},"datePublished":"2020-10-13T22:36:27+01:00","dateModified":"2025-06-25T14:58:15+00:00","description":"To protect your customers, particularly with so many SMBs falling in the crosshairs of today\u2019s cybercriminals, IT providers need to have good methods of detecting attacks.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/de\/blog\/ncsam-detecting-latest-cyberthreats#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/de\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"NCSAM: Detecting the Latest Cyberthreats"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/de#website","url":"https:\/\/www.n-able.com\/de","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/de?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/de#organization","name":"N-able","url":"https:\/\/www.n-able.com\/de","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/f46a000e389b6d02bd4b3866e7828a7b","name":"N-able","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e9c468b7c98137ecdd5508befa660c205a7978133257080a37fb0b1362d53411?s=96&d=mm&r=g","caption":"N-able"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/6392","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/comments?post=6392"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/6392\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/media?parent=6392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}