June 3, 2024 at 11:02AM Endpoint Detection and Response (EDR) solutions can be enhanced with extended detection and response (XDR) capabilities. By correlating data from various security layers, XDR reduces false positives, improves threat detection, and enhances security efficiency. When considering XDR, factors to assess include integration, investigative abilities, user experience, future enhancements, pricing, and … Read more
May 24, 2024 at 08:40AM The Security Operations Center (SOC) faces ever-evolving threats, prompting a transformative shift in detection and response to cybersecurity threats. Extended Detection and Response (XDR) platforms, incorporating Artificial Intelligence, offer unified capabilities across security domains. Successful implementation involves phased strategy focusing on breadth, team confidence, and threat intelligence to keep pace … Read more
May 17, 2024 at 06:31PM IBM has agreed to sell its QRadar SaaS portfolio to Palo Alto Networks, impacting CISOs’ procurement plans and vendor relationships. This deal, expected to close by September, includes a partnership for IBM Consulting to become a preferred MSSP for Palo Alto Networks customers. Customers now face decisions about migration paths … Read more
May 13, 2024 at 06:22AM In the last decade, IT and cybersecurity have seen a growing gap between front-line analysts and senior management, leading to challenges like high alert volumes and false positives. The SHQ Response Platform offers AI-driven log correlation and visualization to streamline incident investigation, leading to proactive risk mitigation and a more … Read more
May 6, 2024 at 10:08AM AT&T completed divesting its cybersecurity services and formed a joint venture, LevelBlue, focusing on managed cybersecurity services. The company will incorporate AT&T’s cybersecurity assets and plans to invest in technology and customer service. LevelBlue aims to tailor offerings for market share growth and faces the challenge of growing its team … Read more
April 9, 2024 at 06:06AM StrikeReady, a Silicon Valley startup, secures $12 million in new financing from 33N Ventures for its technology to modernize cybersecurity command centers. The Series A round includes equity interests from Hitachi Ventures, Monta Vista Capital, and cybersecurity executives. StrikeReady plans to use AI to simplify SOC environments and automate security … Read more
February 27, 2024 at 06:15AM Security Operations Centers (SOC) professionals rely on processing alerts swiftly. Threat intelligence platforms, such as ANY.RUN’s Threat Intelligence Lookup, facilitate SOC investigations by providing access to threat data and enhancing threat analysis. These platforms offer deeper visibility into threats, faster alert investigations, proactive threat hunting, and support informed decision-making. From … Read more
February 21, 2024 at 04:18AM The SANS 2023 SOC report offers data-driven insights and emerging trends shaping the future of cybersecurity operations. Key findings include budget allocation, metrics usage, calculating SOC value, staffing dynamics, and major challenges such as lack of context, automation and orchestration, blind spots, and shortage of skilled staff. Strategic implications include … Read more
February 9, 2024 at 04:09PM LimaCharlie, a startup offering pay-as-you-use technology in security operations, secures $10.2 million in Series A funding led by Sands Capital, with equity stakes for CoFound Partners, Long Journey Ventures, Lytical Ventures, Myriad Venture Partners, StoneMill Ventures, and Strategic Cyber Ventures, totaling $16.5 million raised. CEO Maxime Lamothe-Brassard highlights their flexible … Read more
December 19, 2023 at 07:26PM Expel released the report “Frameworks, Tools and Techniques: The Journey to Operational Security Effectiveness and Maturity” by the SANS Institute. The majority of respondents prefer the NIST CSF framework. Results also indicate a lag in training and cyber-readiness exercises. The report provides insights on SOC practices, metrics, and security program … Read more