Security Boulevard

NOVEMBER 17, 2022

Phil’s 8 megatrends blog reminds us about this by calling one of his cloud megatrends “Simplicity: Cloud as an abstraction machine.” We can add: also for security and threat “detectability” and “investigability” (can we just say observability ?). In detection content? Metrics and associated data collection?

Engineering 64

Engineering Software Data collection Architecture 64

The Last Watchdog

JULY 30, 2018

Each new cyber attack is more sophisticated than the last, leaving traditional security measures unable to spot the next threat. Security analysts need the ability to view attacks as they unfold by enriching data collected from across the business with contextual and behavioral insights. Active learning.

CISO 140

CISO Cyber Attacks Data collection Cybersecurity 140

Security Boulevard

MAY 24, 2023

HYAS builds correlations and combinations between all the data points in the graph database which drive intelligence and ultimately decisions that link what has happened to what is happening now and what will happen in the future. Data is power. HYAS gives our clients and partners visibility.

Cyber Attacks 59

Cyber Attacks Phishing Cyber threats Malware 59

eSecurity Planet

MAY 5, 2021

Despite the similarity in name to endpoint detection and response (EDR) technology, MDR providers are more like general managed security service providers (MSSPs) , operating on all layers of an organization’s infrastructure, including the network, endpoints, applications and other IT resources. Secureworks. Armor Anywhere.

Threat Detection 57

Threat Detection Technology Artificial Intelligence Cybersecurity 57

Anton on Security

NOVEMBER 6, 2023

The second part of the answer would be to outline the type of an organization that would very much prefer the decoupled SIEM where the best collection and modern storage somehow harmoniously work with the best threat detection and response content. (B)

Engineering 245

Engineering Data collection Threat Detection Technology 245

Anton on Security

DECEMBER 10, 2021

Hence this blog was born. Data collection failures still plague many SOCs. Now, again, one can also blame this on people and processes (especially, those people in IT who just didn’t give us the data). BTW, if somebody wakes me up at 3:00 a.m. I would name the loss of executive commitment. Yes, DIY SOC tools fail as well.

Technology 242

Technology CISO Data collection Threat Detection 242

CyberSecurity Insiders

SEPTEMBER 21, 2021

This blog was written by a colleague from Tenable. They include: • Threat Detection that combines behavioral anomalies with policy-based rules. • Enterprise visibility to ensure that all data collected integrates to a single pane of glass. . What is OT vs. IT? Conclusion.

Energy and Utilities 101

Energy and Utilities Threat Detection Manufacturing Technology 101

Cisco Security

JUNE 30, 2021

Secure Network Analytics uses flow telemetry such as NetFlow, jFlow, sFlow, IPFIX, and packet-level data and helps in reducing the risk to an organisation. IDENTIFY – Asset Management (H/W and S/W inventories; communication and data flow are mapped). How much data was exchanged? [NB: NIST CSF Categories and Sub-Categories.

Threat Detection 86

Threat Detection Risk Data collection Internet 86

Security Boulevard

MARCH 31, 2022

Data collection from FTP clients, IM clients. In a blog post published on March 22nd, 2022, Microsoft confirmed that one of their user accounts had been compromised by the Lapsus$ (also known as DEV-0537) threat actor, though they claimed that the information accessed was limited and that “no customer code or data was involved”.

Cybersecurity 98

Cybersecurity Social Engineering Passwords Malware 98

Security Boulevard

DECEMBER 10, 2021

Hence this blog was born. Data collection failures still plague many SOCs. Now, again, one can also blame this on people and processes (especially, those people in IT who just didn’t give us the data). BTW, if somebody wakes me up at 3:00 a.m. I would name the loss of executive commitment. Yes, DIY SOC tools fail as well.

Technology 59

Technology CISO Data collection Threat Detection 59

Cisco Security

AUGUST 26, 2022

The AlienApp for Cisco Secure Endpoint enables you to automate threat detection and response activities between USM Anywhere and Cisco Secure Endpoint. Data collected from Umbrella can then be routed to Sumo’s Cloud SIEM, where it is then automatically normalized and applied to our rule’s engine. Happy integrating!

Firewall 127

Firewall Authentication Passwords Threat Detection 127

McAfee

NOVEMBER 12, 2020

Introducing SOCwise a monthly series of blogs, podcasts and talks driven by two highly experienced and devoted security operations professionals. These are just some of the questions we will try to answer in this blog series. The post SOCwise: A Security Operation Center (SOC) Resource to Bookmark appeared first on McAfee Blogs.

Engineering 84

Engineering Risk Data collection Cyber Risk 84