Incident response orchestration and automation can help boost the accuracy and efficiency of IR processes and reduce the burden on the understaffed SOC.
When it comes to security metrics, greater accuracy yeilds greater value, but complete context requires a diversity of insights. What if you can't have both?
Your SOC collects mounds of data every day, but not all of it will contribute to a useful, relevant analysis of its performance. What metrics do you need to measure the success of your SOC?
Ten years ago, John Clarke was driving a van in Ireland for a living. Today, he develops games at IBM to help train security professionals on incident response and cyber situational awareness.
IBMer Mike Barcomb draws upon his experience in the U.S. Army Reserve to lead a team of incident response experts through careful planning, regular rehearsals and quick decision-making.
Even after a successful attack, security teams can still minimize the financial and reputational damage associated with a breach by following the IBM X-Force cyberattack framework.
An attacker who gains access won't necessarily walk away with an organization's proprietary data. Here's how a cyberattack framework can help you subvert an attacker already in a network.
In the external reconnaissance and launch attack phases of the X-Force IRIS cyberattack preparation framework, threat actors look for vulnerabilities and tailor their attacks to exploit them.
How the IBM X-Force IRIS Cyberattack Framework Helps Security Teams Reduce Risk at All Levels, Part 1
The IBM X-Force IRIS cyberattack preparation and execution frameworks aim to help security teams predict threat actors' motives and tactics and communicate security intelligence more clearly.
When Lincoln Healthcare experiences a watering hole attack, security operations center (SOC) director Malcolm Gerhard is tasked with developing a swift cybersecurity incident response. Will he succeed?