Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Balance Theory, a seed-stage startup working on technology to help security teams collaborate and manage data flows securely, has closed a $3 million funding round. [Read More]
Pangea Cyber, an early stage startup working on technology in the API security services space, has banked $26 million in a new funding round led by Google Ventures. [Read More]
Albanian prosecutors have asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by alleged Iranian hackers. [Read More]
Salvadoran digital newspaper El Faro's employees filed a lawsuit in a US federal court on Wednesday against NSO Group, alleging the Israeli firm's controversial Pegasus software was used to spy on them. [Read More]
Google researchers call attention to the ongoing “patch-gap” problem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices. [Read More]
Security researchers at Proofpoint call attention to the discovery of a commercial red-teaming attack tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. [Read More]
CISA has released an updated version of IRPF, which provides responders with new tools and guidance for improving infrastructure resilience. [Read More]
The cybersecurity powerhouse plans to spend $195 million in cash to acquire Israeli application security startup Cider Security. [Read More]
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Marc Solomon's picture
When implementing security automation, organizations should starting with an open architecture, focusing on getting the right data for analytics and applying automation methodically in smaller chunks.
Jeff Orloff's picture
The MITRE D3FEND framework is only as effective as the planning that goes into making sure it is properly aligned with the top threats facing the organization.
Marc Solomon's picture
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Derek Manky's picture
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Gordon Lawson's picture
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.
Marc Solomon's picture
Within the context of security operations, anticipation teams use internal and external threat and event data across their security infrastructure for context and analytics and to become more proactive.
Marc Solomon's picture
Cyberattacks and data breaches continue to rise year-over-year and another so-called silver bullet technology isn’t going to stop that trend.
Jeff Orloff's picture
Nothing can ever prepare an organization for every ransomware scenario. However, if you train for multiple situations, your team will be able to make decisions more quickly, and react appropriately when an unforeseen incident occurs.
Marc Solomon's picture
The goal of security automation is to accelerate detection and response, but you’ll waste a lot of time if you try to eat the elephant all at once.
Marc Solomon's picture
With an approach that is data-driven and flexible, you can get as simple or as advanced as the detection and response demands.