Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The Linux Foundation has secured a $10 million investment to expand the operations of the Open Source Security Foundation (OpenSSF). [Read More]
Tech giants Intel and VMware joined the security patch parade this week, rolling out fixes for flaws that expose users to malicious hacker attacks. [Read More]
CrowdStrike made two major announcements at its own Fal.Con conference this week, launching a free Community Edition of Humio, and announcing CrowdStrike XDR. [Read More]
The Microsoft Patch Tuesday train for October rolled in with fixes for at least 71 Windows security defects and an urgent warning about a newly discovered zero-day cyberespionage campaign. [Read More]
Full video of panel discussion from SecurityWeek's 2021 CISO Forum on navigating software bill of materials (SBOM) and supply chain security transparency. [Read More]
The False Claims Act against could result in legal action against contractors who misuse federal dollars by failing to disclose hacks or by having deficient cybersecurity standards. [Read More]
Enterprise data fusion and analytics company Gravwell emerges from stealth with $3 million in seed funding. [Read More]
Different threat group names are a blessing, a necessity, and a curse -‒ and understanding how and why researchers name the different threat groups can help us better understand the overall threat landscape. [Read More]
Syniverse, a company whose connectivity services are used by nearly all mobile carriers in the world, said hackers had access to its systems for years. [Read More]
The newly minted NSA cybersecurity director offers a candid assessment of the nation-state threat landscape and argues that adding “sand and friction” to adversary operations is a winning strategy. [Read More]
- 1 of 167
- ››
FEATURES, INSIGHTS // Incident Response
In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
Security is a big data problem. Solving it is all about prioritized data flow, continuously processing data for analysis and translating and exporting it to create a single security infrastructure.
The more you identify within your threat hunting program, the more opportunity you may have at expanding with additional budget. Never let an incident go to waste.
We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.
For efficiency and effectiveness, automation must take a data-driven approach and encompass how we initiate and learn from the response, not just how we execute the process.
In response to a specific attack, it’s important to do external threat monitoring and threat actor engagement to determine if the actors are attempting to exploit or monetize the security event.
As Security Operations Centers (SOCs) mature and transition to become detection and response organizations, they need to tackle some tough challenges with respect to data, systems and people.
Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
- 1 of 28
- ››
Get the Daily Briefing
- U.S. Government Issues Urgent Warning on BlackMatter Ransomware
- Nation-State APT Targets Afghans With New Toolset
- Microsoft, Intel and Goldman Sachs Lead New Supply Chain Security Initiative
- Customer Data Privacy Provider Skyflow Raises $45 Million
- Valence Emerges From Stealth to Address Business App Connectivity Risks
- University of Pittsburgh Medical Center Hacker Sentenced to Prison
- SASE Firm Cato Networks Raises $200 Million at $2.5 Billion Valuation
- The VC View: Vendor Risk Management
- $1.9 Million Paid Out for Exploits at China's Tianfu Cup Hacking Contest
- Has Facebook Sidestepped GDPR's User Consent Requirements?
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy