Anton on Security

JUNE 10, 2022

At the same time, some organizations are moving to enter the 1990s or perhaps 2000s, in regards to their IT tools and practices. BTW, I was looking for the emergence of CDR (Cloud Detection and Response) so I was talking to a few vendors building tools to do detection, investigation and response in the cloud. Very credible, that.

VPN 189

VPN Marketing Firewall Passwords 189

Security Boulevard

MARCH 28, 2023

Let’s start with this: why should anyone buy an SIEM tool in 2023? I used to say SIEM and SOAR, then I said SIEM/SOAR, and now I just say SIEM, but really mean an SIEM/SOAR combination , because ultimately this is what a vast majority of organizations are buying today. Before we go any further, some definitions.

Threat Detection 69

Threat Detection Banking Risk Technology 69

Anton on Security

APRIL 28, 2022

You can review my ideas on the topic in this blog series “Anton and The Great XDR Debate, Part 1” “Anton and The Great XDR Debate, Part 2” “Anton and The Great XDR Debate, Part 3.” For those who are of the opinion that XDR is merely an improved EDR, SIEM seems like a nice complementary technology that needs to be integrated with their tool.

Threat Detection 189

Threat Detection Technology VPN Architecture 189

Security Boulevard

DECEMBER 8, 2023

As I said in my now-dead Gartner blog, a lot of security operation centers looked like they were built on a blueprint of a classic paper written by somebody from ArcSight around 2003 (don’t get me wrong, that was an epic SOC paper … for 2003!). long story, probably Part 3 of this blog :-)]. So, is there anything else?

Engineering 64

Engineering Phishing 64

NopSec

FEBRUARY 13, 2024

Enterprises, large or small, on average own between 20 and 100+ security tools. In its second phase, the overwhelming amounts of data and alerts generated by those security tools are the main challenges that enterprises are facing. It is no longer a tooling problem, it is a data problem.

Marketing 52

Marketing Risk Digital transformation Software 52

Anton on Security

AUGUST 31, 2022

SREs recommend to “have tools that report on a host of metrics, such as how much time it takes for a code change to be deployed into production (in other words, release velocity) and statistics on what features are being used in build configuration files.” This applies even more to SOAR playbooks, by the way. detection for it?

Engineering 189

Engineering Risk 189

Anton on Security

NOVEMBER 3, 2020

proved to be one of the most popular in recent history of my new blog. endpoint state may not be available to a network detection tool). However, alert triage has been an uphill battle for many years for many organizations due to shortage of skills, needed context data, investigative tools, etc. Uncertainty?

Threat Detection 130

Threat Detection Information Security Cybersecurity 130

Anton on Security

SEPTEMBER 21, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. Note that some of the rules/content may be created by the tool vendor while the rest is created by the customer.

Engineering 221

Engineering Threat Detection Marketing Internet 221

Security Affairs

APRIL 13, 2023

The top insider threat software products of 2023 Data Detection and Response (DDR) company Cyberhaven offers valuable insights into some of the top security tools designed with inside threats in mind. It also helps to define your insider-specific security strategy before you invest, so you’ll understand which tool (or tools ) you’ll need.

Data privacy 91

Data privacy Risk Media Software 91

McAfee

MARCH 9, 2020

Beyond the obvious risk of not having budget and resources there is dependency on other IT operations processes and tools that can impede key processes and there is lack of integration standards across tools (e.g., In addition, there are SOAR players that plug into the McAfee ecosystem for more advanced plays.

Technology 52

Technology Cybersecurity Cyber threats Risk 52

Security Boulevard

JUNE 10, 2022

At the same time, some organizations are moving to enter the 1990s or perhaps 2000s, in regards to their IT tools and practices. BTW, I was looking for the emergence of CDR (Cloud Detection and Response) so I was talking to a few vendors building tools to do detection, investigation and response in the cloud. Very credible, that.

VPN 116

VPN Marketing Firewall Passwords 116

Security Boulevard

AUGUST 31, 2022

In this blog, we discuss ways to augment their efforts and maximize their time by overcoming some of the key challenges they face. AI/ML systems have started to help stem the tide of alerts, but it can become problematic if analysts are not able to understand what these tools are doing. What tools can help SOC analysts to do more?

Artificial Intelligence 52

Artificial Intelligence Cybersecurity Education Government 52

Cisco Security

JULY 27, 2021

Is it SOAR? And, of course, the TALOS intelligence database, full of all manner of information discovered by the global TALOS research team and their advanced and often custom tooling. You can read much more about this at Jessica Bair’s excellent blog, SecureX threat response Turnkey Integrations. As a TIP?” “Yes.”)

Cybercrime 135

Cybercrime Malware 135

Security Boulevard

JUNE 23, 2022

So, let’s define CDR as a type of a security tool primarily focused on detecting, confirming and investigating suspicious activities and other security problems in various public cloud environments , including, but not limited to IaaS, PaaS, SaaS. A SOAR may automate responses. Should it exist as a market? So, do we need a CDR or not?!

Threat Detection 52

Threat Detection Marketing Technology 52

McAfee

FEBRUARY 16, 2021

As duly noted in the book, Ten Strategies of World-class Cybersecurity Operations Center , written quite a few moons ago : “With the right tools, one good analyst can do the job of 100 mediocre ones.” ” XDR is the right tool. . Or maybe you only ha ve access to the endpoint tool.

Technology 92

Technology Phishing Cybersecurity 92

Anton on Security

AUGUST 30, 2021

To get to 2X the attacks or to 2X increased scope (such as cloud added to your SOC coverage ), you need 2X the people, and sometimes also 2X budget to spend on tools. Related blog posts: “Modernizing SOC … Introducing Autonomic Security Operations” “New Paper: “Autonomic Security Operations?—?10X

Engineering 273

Engineering Marketing Education Threat Detection 273

Security Boulevard

AUGUST 31, 2022

SREs recommend to “have tools that report on a host of metrics, such as how much time it takes for a code change to be deployed into production (in other words, release velocity) and statistics on what features are being used in build configuration files.” This applies even more to SOAR playbooks, by the way. detection for it?

Engineering 98

Engineering Risk Government Network Security 98

McAfee

MAY 5, 2021

McAfee Soars with Superior Protection Results . For more information on Time-based Security and Alert Actionability, please review the following blog: SOC vs MITRE APT29 evaluation – Racing with Cozy Bear | McAfee Blogs ) . Please see this McAfee MITRE blog for details on these algorithms .

Cyber threats 104

Cyber threats Risk Government Cybersecurity 104

SC Magazine

JUNE 21, 2021

In an interview, Forrester analyst Allie Mellen talked about the way security event information management systems are mischaracterized by rival marketers, the increasing convergence of security analytics tooling and why automation needs are poised to loom large over the market in the next decade. David Paul Morris/Getty Images).

Marketing 70

Marketing Technology Media Big data 70

eSecurity Planet

OCTOBER 14, 2022

In a BNB Chain blog post in early October, the authors announced that about two million BNB crypto tokens were stolen. The company is profitable and revenues have soared by 12X since 2021. CertiK’s Security Suite has tools to identify and avoid scams. ” See the Best Fraud Management Systems & Detection Tools.

Cybersecurity 119

Cybersecurity Threat Detection Cryptocurrency eCommerce 119

Jane Frankland

OCTOBER 10, 2023

As an IT decision maker (ITDM), you have access to powerful tools that allow for simplified management of system resources and data – enabling you to make huge strides at your organisation in terms of agility and scalability without sacrificing security objectives. That’s where on-demand cloud computing providers like AWS can help.

Risk 147

Risk Technology Cybersecurity Encryption 147

Security Boulevard

DECEMBER 21, 2021

By the way, this is why the most common starter SOAR playbook is about phishing, a major time-suck of many aspiring SOCs (I’ve heard one spent 40% of analyst time on phishing response and that was after the email security gateway did its work). Centralizing mistakes is awesome?—?and DevOps” your SOC! an autonomous system.“

Engineering 69

Engineering Phishing Technology Ransomware 69

Duo's Security Blog

NOVEMBER 27, 2023

Here are a couple of tools that can help you reduce your risk for some of Scattered Spider’s techniques: SIM Swaps Remove SMS and telephony authentication methods, limiting users to stronger factors like WebAuthn and Verified Duo Push. That’s why we conduct experiments like attacking our own tools and continuously rolling out new protections.

Authentication 73

Authentication Social Engineering Risk Accountability 73

McAfee

NOVEMBER 18, 2021

McAfee Enterprise provides regular publications on the strategies to defend against ransomware, such as this blog. MVISION Insights can help operationalize McAfee Enterprise Threat Intelligence data by providing risk assessment against threats affecting you, protective guidance and integrating with other tools to share threat data.

Ransomware 77

Ransomware Government Threat Reports Architecture 77

Security Boulevard

SEPTEMBER 21, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. Note that some of the rules/content may be created by the tool vendor while the rest is created by the customer.

Engineering 59

Engineering Threat Detection Marketing Internet 59

NetSpi Executives

MARCH 5, 2024

These include ticketing systems, security information and event management (SIEM), security orchestration, automation and response (SOAR), configuration management database (CMDB), and vulnerability assessment tools.

Penetration Testing 64

Penetration Testing Technology Marketing Mobile 64

Hackology

AUGUST 8, 2023

Creating Branded Text Graphics Text graphics, such as quotes and captions, are powerful tools for engaging your audience and conveying your message. Embrace the power of creative fonts, experiment with designs, and watch your engagement soar. Creative fonts can elevate these graphics, making them visually appealing and shareable.

Media 40

Media Internet Internet Mobile 40

NopSec

AUGUST 23, 2022

In this blog, we’ll add to our cybersecurity considerations the concept of threats and threat intelligence. The tools to be used need to be capable of helping teams quantify that risk so they know how to prioritize potential remediations. So far, we’ve looked at assets and their vulnerabilities. The list of them is just the start.

Risk 40

Risk Cybersecurity Penetration Testing Media 40

Anton on Security

MARCH 7, 2024

DR This is the blog where I really (briefly ) miss my analyst life and my “awesome+” peers like Augusto and Anna. And, yes, this blog was inspired by a hallways conversation at a conference that took place more than a year ago :-( So, the question: When and where do you need “<domain>DR” tool for its own technology domain?

Threat Detection 130

Threat Detection Technology IoT Marketing 130

Security Boulevard

AUGUST 30, 2021

To get to 2X the attacks or to 2X increased scope (such as cloud added to your SOC coverage ), you need 2X the people, and sometimes also 2X budget to spend on tools. Related blog posts: “Modernizing SOC … Introducing Autonomic Security Operations”. Hence, you WILL achieve 10X effectiveness in real life, not on a marketing glossy.

Engineering 59

Engineering Marketing Education Threat Detection 59

McAfee

SEPTEMBER 28, 2021

And you can automate remediation with the IBM Security SOAR (security orchestration, automation and response) platform. With these tools, you can integrate the data available from threat feeds in one platform for better visibility and context. appeared first on McAfee Blogs. The post Why Can’t We Automate Everything?

DNS 53

DNS Data collection Engineering Internet 53

Centraleyes

APRIL 9, 2024

Insurance Woes While grappling with the aftermath of breaches, organizations face an unexpected challenge – soaring cyber insurance premiums. Several factors, including supply chain breaches, ASM tools, data security and protection software, and more, influence the mean cost of a data breach.

Data breaches 52

Data breaches Cyber Insurance Insurance Ransomware 52

The Last Watchdog

AUGUST 30, 2021

Security analytics platforms combine SIEM, SOAR, and UEBA to cover the complete incident response lifecycle from detection, investigation, and response, in conjunction with other important use cases like compliance. Below, I take a page from the book of my old combinatorics class and provide a disproof by counterexample (in some cases x2).

Marketing 230

Marketing Big data Financial Services Technology 230

Anton on Security

DECEMBER 10, 2021

Hence this blog was born. Often when you get to POC an impressive new tool, the ability to scale is not truly understood and battle-tested until you onboard the tool into your workflow. Even the way you use the tool may cause unseen bottlenecks and affect your ability to scale. BTW, if somebody wakes me up at 3:00 a.m.

Technology 242

Technology CISO Data collection Threat Detection 242

eSecurity Planet

MAY 5, 2021

LMNTRIX GRID is a SaaS XDR tool that offers automated threat hunting, detection, prevention, investigation, validation and forensic exploration on-demand. It offers security orchestration and response (SOAR) capabilities to ensure that no vulnerabilities or gaps in security go unresolved. LMNTRIX Active Defense. SentinelOne.

Threat Detection 57

Threat Detection Technology Artificial Intelligence Cybersecurity 57

Centraleyes

APRIL 1, 2024

Best SIEM Tools and Solutions Here is a SIEM tools list we have compiled to assist you in choosing the best SIEM tool for your organization. Additionally, Fusion SIEM is fully integrated with SOAR, enabling automated incident response. Users also mention SIEM, SOAR, and UEBA tool integration issues.

Firewall 52

Firewall Antivirus Risk Artificial Intelligence 52

The Last Watchdog

JANUARY 22, 2023

These attributes combined with Heimdal’s solutions will enable the tool to serve as a single point of contact for risk management. The key is effective threat detection, which requires the right tools in place for your specific environment and needs. SMBs can stay ahead of the curve.

Threat Detection 214

Threat Detection Artificial Intelligence Marketing Phishing 214