April 2021

Why answering the question of orchestration vs automation will improve your security effectiveness

Apr 28, 2021 By Anthony Stitt In ThreatQuotient

The investment in security operations is at an all-time high. AustCyber’s ‘Australia’s Cyber Security Sector Competitiveness Plan’ shows spend on security operations makes up more than 40% of all cybersecurity spend ($1.58B in 2018), with cyber spending growth outpacing IT spending growth by nearly two to one.

Read Post

ThreatQuotient

Read more about Why answering the question of orchestration vs automation will improve your security effectiveness

Uncover Cyber SOAR Series - ThreatQuotient

Apr 27, 2021 By ThreatQuotient In ThreatQuotient

Joel Bork, Jonathan Couch, and Christian Galladora dive into the ThreatQuotient Threat Intelligence and Investigative Platform to uncover the technical details and features that exist!

View Video

ThreatQuotient

Read more about Uncover Cyber SOAR Series - ThreatQuotient

Streamlining Vulnerability Management with Splunk Phantom

Apr 22, 2021 By Kelly Huang In Splunk

Vulnerabilities are weaknesses in the security infrastructure that bad actors can exploit to gain unauthorized access to a private network. It is nearly impossible for security analysts to patch 100% of the vulnerabilities identified on any given day, but a vulnerability management plan can ensure that the highest risk vulnerabilities (those that are most likely to cause a data breach), will be addressed immediately.

Read Post

Splunk

Read more about Streamlining Vulnerability Management with Splunk Phantom

What is SOAR?

Apr 20, 2021 By Logsign In Logsign

If an individual wants to acquire information about cyber security, or cyber security tools in general, coming across SOAR is inevitable. Since the SOAR abbreviation is all over the place, the importance of it is also easy to recognize. What makes SOAR crucial for cyber security then? In order to answer this question, the full name of the tool should be addressed. SOAR stands for** Security Orchestration Automation and Response**.

Read Post

Logsign

Read more about What is SOAR?

Splunk SOAR Playbooks: Azure New User Census

Apr 9, 2021 By Splunk In Splunk

Hafnium is the latest cyberattack that utilizes a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched). Learn how you can use Splunk Phantom to automate account monitoring to ensure that threat actors are not exploiting vulnerabilities to access sensitive information through authenticated accounts.

View Video

Splunk

Read more about Splunk SOAR Playbooks: Azure New User Census

Taking Automation Beyond the SOC With Advanced Network Access Control

Apr 8, 2021 By Kelly Huang In Splunk

Security orchestration, automation and response (SOAR) tools are most commonly known for automating manual security operations processes in order to expedite security investigations or cyber response. For instance, Splunk’s SOAR technology, Splunk Phantom, is most commonly used to automate alert triage, phishing investigation and response, threat hunting and vulnerability management.

Read Post

Splunk

Read more about Taking Automation Beyond the SOC With Advanced Network Access Control

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

April 2021

Why answering the question of orchestration vs automation will improve your security effectiveness

Uncover Cyber SOAR Series - ThreatQuotient

Streamlining Vulnerability Management with Splunk Phantom

What is SOAR?

Splunk SOAR Playbooks: Azure New User Census

Taking Automation Beyond the SOC With Advanced Network Access Control

Monthly Archive

Follow Us