Cyber Security Threats Detection, Analysis and Remediation

Abstract

Nowadays human is connected with internet for almost everything, & various mediums are available for users to search to get relevant information for either business perspective or entertainment perspective. Similar way it can be a way to steal the information and attack on organization in various new techniques, in these scenario cyber security comes into the picture which is essential in each and every manner for user & organization perspective. Our project consist various types of well-known threats which are highly impactful for the company and complete process of the detection & remediation in best possible manner.

The entire project is mainly divided into three basic modules which covers almost all the types of cyber threats that are coming in every organization every day, those are malware, security & suspicious emails. Malware Threats are generally propagates into the system through various malicious urls and malicious files or software which are downloaded by the users in company environment, that can potentially compromise the organization network as those are Worms, Trojans, Backdoors, and Ransomware. Security Threats are generally propagates through various SQL Injection, Cross site scripting or unauthorized excessive login into any servers which contain confidential information that could lead company to huge loss.

Suspicious email conversation is the most dangerous way to attack on any organization by phishing, spoofing the headers and spam mails, which can be sent through outside company environment and it can be major setback if it is not solved properly. This project also explores certain ways to automate the current process of cybersecurity threat detection, analysis and remediation by developing a tool and make some changes in various rules-set in current tools to remediate false positives so that meantime To Response (MTTR) against every attack can be minimal, which plays important role in every organization.