
NEWS & INDUSTRY UPDATES

SecurityWeek will host its 2021 Security Operations Summit as a fully immersive virtual event on December 8, 2021.
In response to an executive order on improving the nation’s cybersecurity, CISA has released playbooks for federal civilian agencies on incident and vulnerability response activities.
Microsoft-owned GitHub warns that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain.
External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy.
Redmond says the evasive malware delivery method is being leveraged in attacks to deliver remote access Trojans (RATs), banking malware, and other malicious payloads.
Cloudflare said the multi-vector distributed denial of service attack combined DNS amplification attacks and UDP floods and lasted just one minute.
AT&T Alien Labs researchers flag new Golang-based malware threat that could potentially infect millions of routers and Internet of Things (IoT) devices.
Some of the compromised data could potentially be used to determine the location of user devices, but HPE doesn’t know which customers were affected.
Taiwan's government agencies face around five million cyberattacks and probes a day, an official said, as a report warned of increasing Chinese cyber warfare targeting the self-ruled island.
Microsoft said the two under-attack vulnerabilities exist in Microsoft Exchange Server and Microsoft Excel, two widely deployed products in the Windows ecosystem.

FEATURES, INSIGHTS // Incident Response

Gunter Ollmann: Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
Marc Solomon: To gain a comprehensive understanding of the threats you are facing and what you must defend, you need to start by aggregating internal data from across the entire ecosystem
Marc Solomon: The center of gravity of the Security Operations Center (SOC) used to be the SIEM, but this is shifting as the mission of the SOC shifts to become a detection and response organization.
Marc Solomon: The pandemic has resulted in security team members and teams working better together, as well as more closely with other departments and with industry sharing groups.
AJ Nash: For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
Marc Solomon: To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
AJ Nash: As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.
Marc Solomon: Curated threat intelligence is an essential capability of the SOC, enabling tools and teams to work more efficiently and effectively to optimize everything from incident response to threat hunting.
AJ Nash: Knowing that threat intelligence is readily available and proving its worth is one thing, understanding how to use it within your security operations program is quite another.
Marc Solomon: When intelligence becomes a capability and not just subscriptions to feeds, we can gain the full value of intelligence as the foundation to security operations.