For folks who are responsible for threat detection of any kind for their organizations, the cloud can often be a difficult area to approach. At the time of writing, Amazon Web Services contains over two hundred services, while the Azure cloud offers six hundred. Each of these services can generate unique telemetry and each surface can present defenders with a unique attack path to handle. Adding to this complexity is the diversity of cloud workload configurations, as well as varying architecture models.

For many years, hackers and cybercriminals have used social engineering techniques to gain unauthorized access to confidential information. It is easy to predict that these attacks will continue to advance in sophistication and frequency. Whether they are using AI to create better lures or cyber criminals are just getting more adept at exploiting human nature, the success of these attacks proves the tactics are winning.

Playbooks — and automated processes in general — used to be associated primarily with security orchestration, automation and response (SOAR) platforms, but that has changed recently. Many modern security information and event management (SIEM) solutions have started incorporating SOAR-like functionality, enabling you to automate security workflows and improve your mean time to detect (MTTD) and mean time to respond (MTTR).

What to expect when you’re expecting a cybersecurity audit for compliance A cybersecurity audit is a structured evaluation or assessment conducted to determine an organization's level of compliance with relevant cybersecurity regulations, industry standards and internal policies. Read on to learn what an audit is looking for, the challenges of an audit, how to prepare for one, and the tools that can help your organization get ready.

Even the mightiest, most prestigious companies and enterprises are not exempt from the advanced threats of cyber attackers. In the ever-evolving cybersecurity threat landscape, an organization's security team like yours needs robust security measures for network security, endpoint security, threat detection, anomaly detection, data protection, security monitoring, application security and information security.

Consider the following scenario: you are asked by your leadership to find dedicated time for threat hunting activities within your network. After some time, access to the shiny new tool of choice is granted and you are super excited to get started. You log into the tool and are greeted with a lovely search bar; how do you proceed from here? The tool presenting the blank search bar is undoubtedly powerful and feature packed.

So, you want to be a cybersecurity analyst. You’ll be pleased to know it’s a profession with a strong job outlook, thanks to the increasing importance of cybersecurity. With the rise in high-profile data breaches, privacy concerns and rapid technological advancements, there is a greater demand for cybersecurity analysts now than ever.

The U.S. Securities and Exchange Commission (SEC) announced new regulations for public companies requiring them to disclose a “material cybersecurity incident” via formal report due four business days after a company determines that a cybersecurity incident is material. This is creating a lot of buzz, with companies worried if they will be prepared.

Within the security community of late, the focus has been on “shifting left”, and while that has merit, it is somewhat myopic missing some of the realities of defense in practice. Instead, I propose a simple framework to help guide initiatives that will “level up” defenses and greatly improve security postures wholistically. Some license is taken in terminology in order to keep things simple, memorable, and applicable.

For those responsible directly or indirectly for the cyber defense of their organizations, June 2023 is proving to be an extremely challenging month. In this month alone, vulnerabilities were discovered in various appliances, ranging from CVE-2023-27997 impacting FortiGate devices to CVE-2023-35708 impacting MOVEit Transfer software as well as the exploitation activity discovered of Barracuda appliances via CVE-2023-2868.