Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Incident Response

Incident Response Automation Challenges - State of Incident Response 2021

Sep 13, 2021 By Kroll In Kroll
With the volume and sophistication of cyber threats growing, we asked 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue how their organizations are planning to deal with incident response. Nearly all teams plan on automating more of their IR process, but nearly half face headwinds like lack of in-house expertise, lack of proper technology, and lack of bandwidth.
View Video

The Role of Managed Detection and Response - State of Incident Response 2021

Sep 13, 2021 By Kroll In Kroll
Internal security teams are overwhelmed by cyber threats and finding seasoned incident response professionals is now harder and more expensive. The State of Incident Response 2021 surveyed 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue to learn how managed detection and response vendors are incorporated into their security programs. Over 76% of organizations are relying on a third-party vendor to augment in-house capabilities, and their biggest benefit is delivering faster containment, response, and more automation capabilities.
View Video
sumologic

Flexible Incident Response playbooks for any situation

Aug 25, 2021 By Andrea Fumagalli In Sumo Logic
One of the major buzzwords when talking about cyber incident response is playbooks, advanced workflows with specific actions tailored to deal with and respond to cyber incidents. Over the past few security conferences, I have noticed something of a trend emerging that centers on the uncertainty and hesitance that some incident response teams have regarding the use of playbooks and, in particular, around the notion of automation in incident response.
Read Post
ThreatQuotient

Anatomy of a Supply Chain Attack: How to Accelerate Incident Response and Threat Hunting

Aug 24, 2021 By Patrick Declusin In ThreatQuotient

In recent months, we’ve seen a sharp rise in software supply chain attacks that infect legitimate applications to distribute malware to users. SolarWinds, Codecov and Kesaya have all been victims of such attacks that went on to impact thousands of downstream businesses around the globe. Within minutes of these high-profile attacks making headline news, CEOs often ask: “Should we be concerned? How is it impacting us? What can we do to mitigate risk?” .

Read Post

SANSFire: An Alert Has Fired. Now what?

Aug 24, 2021 By Corelight In Corelight
While the security industry spends a lot of time and energy getting more and/or better alerts, comparatively little investment has gone into helping analysts operationalize and contextualize those alerts. This webcast will discuss how a solid foundation of network telemetry can enable not only high-velocity, high-confidence processing of alerts of all stripes, but also a host of other critical security applications, from fundamentals like asset management to advanced techniques like proactive threat hunting. Real-world examples and code will be used throughout the talk, along with practical considerations for operating in an enterprise environment.
View Video
devo

What is Digital Forensics? Defining Digital Forensics and Incident Response

Aug 23, 2021 By Devo In Devo

According to Research and Markets, the worldwide digital forensics market will expand at a compound annual growth rate of 13% through 2026. The rise of cybercrime is most certainly driving its growth — especially since digital forensics plays a critical role in mitigating cyberthreats in the modern security operations center (SOC).

Read Post
tripwire

Using Threat Modeling to Boost Your Incident Response Strategy

Aug 22, 2021 By Tripwire Guest Authors In Tripwire

Threat modeling is increasing in importance as a way to plan security in advance. Instead of merely reacting to threats and incidents, an organization can identify and evaluate its security posture, relevant threats, and gaps in defenses that may allow attacks to succeed. Threat modeling has a two-way relationship with incident response.

Read Post
logsign

What is an Incident Response Plan and How to Create One?

Aug 4, 2021 By Logsign In Logsign

Regardless of size, every company could experience a cybersecurity incident one day. Security incidents can occur in companies, public institutions, schools, etc. Cybersecurity incident actions are similar to actions to be taken in response to a security incident, for example in a school. It is an inevitable reality that your network may be exposed to an incident threat.

Read Post
splunk

Demystifying the Hype Around XDR

Jul 15, 2021 By Jane Wong In Splunk

Extended Detection and Response (XDR) has generated a lot of buzz recently with press, analysts, and even customers. There’s no denying that, at face value, its promise of reduced complexity and cost while increasing detection and response is alluring. As security teams look to modernize their security tooling, they’re also looking for solutions to some of their largest challenges. Is XDR the answer? What is XDR, exactly, and how do you determine if it’s right for your organization?

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.