Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

CISA has released an updated version of IRPF, which provides responders with new tools and guidance for improving infrastructure resilience. [Read More]
The cybersecurity powerhouse plans to spend $195 million in cash to acquire Israeli application security startup Cider Security. [Read More]
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]
Join us in the 3D virtual platform to learn about innovative strategies and tools that security teams can use to detect, contain, and eliminate threats in enterprise networks. [Read More]
New GAO report analyzes DoD’s cyber incident management capabilities and provides recommendations on addressing identified weaknesses. [Read More]
For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
40 US states have announced reaching a $16 million settlement with Experian and T-Mobile over data breaches suffered in 2012 and 2015. [Read More]
The FTC has reached an agreement with education technology provider Chegg over the company’s cybersecurity mishaps that led to several data breaches. [Read More]
CISA, the FBI, and MS-ISAC have issued a joint guide to help federal agencies reduce the likelihood and impact of DDoS attacks. [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Marc Solomon's picture
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Derek Manky's picture
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Gordon Lawson's picture
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.
Marc Solomon's picture
Within the context of security operations, anticipation teams use internal and external threat and event data across their security infrastructure for context and analytics and to become more proactive.
Marc Solomon's picture
Cyberattacks and data breaches continue to rise year-over-year and another so-called silver bullet technology isn’t going to stop that trend.
Jeff Orloff's picture
Nothing can ever prepare an organization for every ransomware scenario. However, if you train for multiple situations, your team will be able to make decisions more quickly, and react appropriately when an unforeseen incident occurs.
Marc Solomon's picture
The goal of security automation is to accelerate detection and response, but you’ll waste a lot of time if you try to eat the elephant all at once.
Marc Solomon's picture
With an approach that is data-driven and flexible, you can get as simple or as advanced as the detection and response demands.
Derek Manky's picture
Organizations can strengthen their security posture by getting detailed information on current attack techniques and keeping their employees’ cyber hygiene training up to date.
Marc Solomon's picture
As automation continues to evolve, a new approach to accelerate detection and response is emerging based on data and business logic to automatically trigger simple actions that can be standalone or be chained together.