Incident Response April 3, 2023

The important role of SOAR in cybersecurity

4 min read - Understaffed security teams need all the help they can get, and they are finding that help through SOAR. SOAR — security orchestration, automation and response — is defined by Gartner as the “technologies that enable organizations to collect inputs monitored…

Intelligence & Analytics December 21, 2022

When logs are out, enhanced analytics stay in

3 min read - I was talking to an analyst firm the other day. They told me that a lot of organizations purchase a security information and event management (SIEM) solution and then “place it on the shelf.” “Why would they do that?” I…

Application Security September 19, 2022

3 reasons why technology integration matters

4 min read - As John Donne once wrote, “No man is an island entire of itself.” With digitalization bridging any distance, the same logic could be applied to tech. Threat actors have vast underground forums for sharing their intelligence, while security professionals remain…

Intelligence & Analytics June 28, 2022

Five key trends on SOC modernization

4 min read - For SOCs looking to improve their ability to detect and respond to threats efficiently and effectively, Extended Detection and Response (XDR) has generated increasing amounts of excitement and discourse in the industry. XDR was one of the hottest topics at…

Intelligence & Analytics May 10, 2022

MITRE ATT&CK and SIEM rules: What should your expectations be?

6 min read - The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or as MITRE refers to them Tactics and Techniques, employed by threat actors. It offers annotated…

Security Services April 21, 2022

Building the CASE for the vehicle security operations center

3 min read - This post was written with contributions from IBM Security’s Rob Dyson, Preston Futrell and Brett Drummond. Let’s explore a day in the life of a vehicle security operations center (VSOC). An autonomous vehicle is transporting passengers to their destination. Inside…

Intelligence & Analytics November 2, 2021

Taking Threat Detection and Response to the Next Level with Open XDR

6 min read - The challenges facing today’s security industry can easily be described as a perfect storm: increasingly sophisticated cyber attackers combined with the proliferation of security tools to cover an expanding attack surface driven by remote work and cloud adoption. These dynamics…

Zero Trust August 19, 2021

Critical Infrastructure Attack Trends: What Business Leaders Should Know

4 min read - Amateur threat actors have been able to compromise critical infrastructure like industrial control systems (ICS) and other operational technology (OT) assets more often lately. Compromises of exposed OT assets rose over the past 18 months, according to threat researchers at…

News July 5, 2021

Amateur Critical Infrastructure Attacks Growing in Frequency, Relative Severity

3 min read - Low-sophistication operational technology (OT) attacks grew in frequency and relative severity over the previous few years, according to Mandiant. In doing so, they broadened the type of threat against which companies and governments need to defend their OT assets. Attackers…

Zero Trust June 1, 2021

How the Rise of the Remote SOC Changed the Industry

4 min read - What does the rise of remote security operations centers (SOCs) mean for cybersecurity jobs? The longer people work from home during the pandemic, the more they rate remote working a success for their companies. While companies of all sizes are…