In 2018, the Cybereason Research team identified a series of attacks targeting telecommunications companies. These attacks shared the same TTPs and consisted of a webshell execution followed by the deployment of Poison Ivy, a well-known RAT attributed to Chinese APT groups.
Security operations (SecOps) and network teams (NetOps) have traditionally acted separately, but increasing IT complexity and scale means that aligning these two groups is a critical step towards delivering a fast and secure user experience.
A recent global SANS Institute survey found that only 30 percent of SecOps...
The SANS 2019 Security Operations Survey focuses on how organizations worldwide are adapting to technological shifts and keeping their businesses safe against constantly innovating attackers.
Download this white paper to learn about SOC best practices and more:
Network-based detection tools had the highest levels...
Even after implementing SOAR, SIEM, IDPS and other technologies to improve security insights, companies still spend thousands of hours triaging alerts that are mostly false positives. Given the ever-increasing volume of alerts, SOC teams are forced into a "do what you can do" strategy that focuses on high-value, high...
Popular business applications are increasingly delivered through the cloud using a software-as-a-service (SaaS) model, and cybersecurity applications are no exception. This is good news for small to midsize enterprises (SMEs) that don't have the budgets for in-house security technologies like a SIEM, and lack security...
The success of security operations centers will depend on how well they blend key technologies - including detection, user behavior analytics and orchestration, says Haiyan Song of Splunk, who offers strategic insights.
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
Managing a security operations center is fraught with challenges, says Stephen Moore of Exabeam, who outlines the findings of a new "State of the SOC" report.
Many of today's companies are hesitant to adopt new security technologies - particularly AI. The truth is AI is successfully disrupting many areas of security operations and shifting us away from the traditional SOC and man-led threat intelligence.
In this webinar, Chris Calvert will introduce the concept of...
Hiring and keeping good IT/security practitioners can be tough, so once you've got good talent you'll need to work to keep them.
Download this eBook and learn ways to keep your security analysts happy by:
Getting your security tools in order;
Building a feedback loop to stop false positives;
Setting a tone for...
Understanding the true costs of building and operating a security operations center has more to do with the capability you'd like to field than the people you need to hire to run it 24x7.
Download this eBook and learn:
The different levels of SOC capabilities;
How to determine which level is right for your...
When you have limited resources and a large attack surface to protect, smart prioritization is crucial. Frameworks like the Center for Internet Security (CIS) Top 20 Critical Security Controls are designed to help you make those difficult decisions, but a framework is only useful if you've got the resources to follow...
Encryption is skyrocketing both inside corporate networks and on the public internet - and studies show that more and more attackers are using this trend to hide their activities from your SOC:
70% of malware binaries sampled in the 2018 Annual Cybersecurity Report from Cisco took advantage of encrypted network...
You've heard the AI evangelists, but how can you ensure the AI solution you invest in is an intelligent, cognitive solution that can make your job easier?
The no-hype answer centers around making sure it can learn and can be proactive. It should automate your repeatable tasks to mitigate fatigue and solve what...
Security's focus must shift away from tactical technologies and towards a strategic approach that focuses on delivering quantifiable improvement to the effectiveness and efficiency of security operations.
Download this report and learn about:
Demonstrating security's value to the c-suite;
Prioritizing security...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.
