
NEWS & INDUSTRY UPDATES

Security researchers at Group-IB believe that Chinese nation-state threat actor APT41 performed the cyberattack against aviation IT firm SITA.
Recorded Future launches an in-house initiative that sets aside $20 million to invest in seed-stage and Series A startups in the nascent threat-intelligence space.
Honeywell announces new Advanced Monitoring and Incident Response (AMIR) service for industrial organizations.
The CEO of Colonial Pipeline has defended his decisions to abruptly halt fuel distribution for much of the East Coast and pay millions to a criminal gang in Russia as he faced down one of the most disruptive ransomware attacks in U.S. history.
SAP releases patches for a total of 11 security flaws in NetWeaver, five of which are rated high-severity.
Patch Tuesday takes on extra urgency this month with the news that at least six previously undocumented vulnerabilities are being actively exploited in the wild.
Navistar International Corporation confirms data stolen in cyberattack that affected some operations.
Palo Alto researchers document a new malware that leverages Windows container escape techniques and can achieve code execution on the node and spread to entire Kubernetes clusters.
In an open letter, the White House encourages corporate executives and business leaders to take critical steps to protect organizations and the American public against ransomware.
Two members of the notorious Carbanak cybercrime syndicate were sentenced to 8 years in prison, Kazakhstani authorities announced this week.

FEATURES, INSIGHTS // Incident Response

Marc Solomon:
For efficiency and effectiveness, automation must take a data-driven approach and encompass how we initiate and learn from the response, not just how we execute the process.
Landon Winkelvoss:
In response to a specific attack, it’s important to do external threat monitoring and threat actor engagement to determine if the actors are attempting to exploit or monetize the security event.
Marc Solomon:
As Security Operations Centers (SOCs) mature and transition to become detection and response organizations, they need to tackle some tough challenges with respect to data, systems and people.
Gunter Ollmann:
Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
Marc Solomon:
To gain a comprehensive understanding of the threats you are facing and what you must defend, you need to start by aggregating internal data from across the entire ecosystem
Marc Solomon:
The center of gravity of the Security Operations Center (SOC) used to be the SIEM, but this is shifting as the mission of the SOC shifts to become a detection and response organization.
Marc Solomon:
The pandemic has resulted in security team members and teams working better together, as well as more closely with other departments and with industry sharing groups.
AJ Nash:
For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
Marc Solomon:
To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
AJ Nash:
As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.