Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

FBI Director Raises National Security Concerns About TikTok
Hypr Raises $25 Million for Passwordless Authentication Platform
Three Innocuous Linux Vulnerabilities Chained to Obtain Full Root Privileges
Report: California Gun Data Breach Was Unintentional
IBM Cloud Vulnerability Exposed Users to Supply Chain Attacks
long dotted

NEWS & INDUSTRY UPDATES

CISA Updates Infrastructure Resilience Planning Framework
CISA has released an updated version of IRPF, which provides responders with new tools and guidance for improving infrastructure resilience. [Read More]
Palo Alto to Acquire Israeli Software Supply Chain Startup
The cybersecurity powerhouse plans to spend $195 million in cash to acquire Israeli application security startup Cider Security. [Read More]
US Gov Warning: Start Hunting for Iranian APTs That Exploited Log4j
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Akeyless Raises $65 Million for Secrets Management Tech
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]
Threat Hunting Summit Virtual Event NOW LIVE
Join us in the 3D virtual platform to learn about innovative strategies and tools that security teams can use to detect, contain, and eliminate threats in enterprise networks. [Read More]
Over 12,000 Cyber Incidents at DoD Since 2015, But Incident Management Still Lacking
New GAO report analyzes DoD’s cyber incident management capabilities and provides recommendations on addressing identified weaknesses. [Read More]
Microsoft Scrambles to Thwart New Zero-Day Attacks
For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
US States Announce $16M Settlement With Experian, T-Mobile Over Data Breaches
40 US states have announced reaching a $16 million settlement with Experian and T-Mobile over data breaches suffered in 2012 and 2015. [Read More]
FTC Orders Chegg to Improve Security Following Multiple Data Breaches
The FTC has reached an agreement with education technology provider Chegg over the company’s cybersecurity mishaps that led to several data breaches. [Read More]
US Agencies Issue Guidance on Responding to DDoS Attacks
CISA, the FBI, and MS-ISAC have issued a joint guide to help federal agencies reduce the likelihood and impact of DDoS attacks. [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Marc Solomon's picture
Balancing Security Automation and the Human Element
Marc Solomon - Incident Response
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Read full story
Derek Manky's picture
Offense Gets the Glory, but Defense Wins the Game
Derek Manky - Incident Response
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Read full story
Gordon Lawson's picture
How to Prepare for New SEC Cybersecurity Disclosure Requirements
Gordon Lawson - Incident Response
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.
Read full story
Marc Solomon's picture
Anticipation and Action: What's Next in SOC Modernization
Marc Solomon - Network Security
Within the context of security operations, anticipation teams use internal and external threat and event data across their security infrastructure for context and analytics and to become more proactive.
Read full story
Marc Solomon's picture
How Organizational Structure, Personalities and Politics Can Get in the Way of Security
Marc Solomon - Incident Response
Cyberattacks and data breaches continue to rise year-over-year and another so-called silver bullet technology isn’t going to stop that trend.
Read full story
Jeff Orloff's picture
How to Improve Mean Time to Detect for Ransomware
Jeff Orloff - Endpoint Security
Nothing can ever prepare an organization for every ransomware scenario. However, if you train for multiple situations, your team will be able to make decisions more quickly, and react appropriately when an unforeseen incident occurs.
Read full story
Marc Solomon's picture
The Secret to Automation? Eat the Elephant in Chunks.
Marc Solomon - Incident Response
The goal of security automation is to accelerate detection and response, but you’ll waste a lot of time if you try to eat the elephant all at once.
Read full story
Marc Solomon's picture
The Pendulum Effect and Security Automation
Marc Solomon - Incident Response
With an approach that is data-driven and flexible, you can get as simple or as advanced as the detection and response demands.
Read full story
Derek Manky's picture
As Cybercriminals Recycle Ransomware, They're Getting Faster
Derek Manky - Network Security
Organizations can strengthen their security posture by getting detailed information on current attack techniques and keeping their employees’ cyber hygiene training up to date.
Read full story
Marc Solomon's picture
Automation. Where do We Go from Here?
Marc Solomon - Incident Response
As automation continues to evolve, a new approach to accelerate detection and response is emerging based on data and business logic to automatically trigger simple actions that can be standalone or be chained together.
Read full story