Stan Engelbrecht, Author at SecurityWeek

Sherlock in the SOC: Leveraging Security Knowledge in a Behavior-Based Approach

“There is a strong family resemblance about misdeeds, and if you have all the details of a thousand at your finger ends, it is...

August 16, 2019

Why Incident Response Must Adopt a Kill Chain Perspective

Even as incident response (IR) has evolved, it has struggled to see beyond individual events and create a more complete perspective. IR tools are...

July 19, 2019

Level the Security Operations Playing Field With MITRE ATT&CK

Playing defense is always more difficult than being on the attack, because defense is always reactive on some level. This concept is especially true...

May 3, 2019

Observations From RSA Conference 2019

The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and...

March 22, 2019

Don’t Search for a Needle in a Haystack: Use Cases for Threat Intelligence

Threat Intelligence Can be Used to Support Effective and Automated Incident Response

February 8, 2019

The Latest Threats to ATM Security

Attacks against automated teller machines (ATMs) are nothing new, for obvious reasons. They are a perfect target for both conventional thieves and hackers, standing...

January 4, 2019

Business Outcomes for Automated Phishing Response

Security Automation Can be a Game Changer for Any SOC or CSIRT, Including Yours

November 30, 2018

Seven Security Activities You Should Automate

Organizations across all industries are recognizing the value of automation, and the necessity of implementing it in their security infrastructure. However, beyond the simple...

October 12, 2018

How Automation Helps Security Managers

It’s the nature of security operations: the worse the situation, the more you need everything to be working perfectly. Any issues with your program...

September 10, 2018

How to Go From No Incident Response Program to SOAR

Getting Off the Ground With Security Orchestration, Automation, and Response

August 17, 2018

The Evolution of SOAR Platforms

Automation and Orchestration Have Evolved to Become Indispensable Security Tools

July 27, 2018

Five Strategies for Extending Automation and Orchestration Beyond the SOC

Automation and Orchestration Are More Than Just the Latest Security Buzzwords

June 8, 2018

Why Mass Transit Could Be the Next Big Target for Cyber Attacks—and What to do About it

The constantly evolving tools and methods of cyber attackers has resulted in specific industries becoming the unfortunate subjects of sudden upswings in incident volume...

April 13, 2018

Thorough and Consistent Post-Incident Activity Strengthens Security Posture

The first column in this series focused on the preparation phase of Incident Response (IR), while the second covered what I call the response...

March 2, 2018

Stay on Track: High Tensions Often Cause Incident Response to be Derailed

As I mentioned in my previous column, even organizations that have mature IR functions can be caught off guard due to lack of preparation.

February 9, 2018

Strong Incident Response Starts with Careful Preparation

Through working every day with organizations’ incident response (IR) teams, I am confronted with the entire spectrum of operational maturity. However, even in the...

January 19, 2018