To kick off season 5 of the Future of Security Operations podcast, I’m joined by Mandy Andress. Mandy is the Chief Information Security Officer at Elastic, a leading platform for search-powered solutions, and has more than 25 years of experience in information risk management and security. Before Elastic, Mandy led the information security function at MassMutual and established and built information security programs at TiVo, Evant, and Privada.

Every day, the growing threat landscape presents new challenges for security teams, with threats becoming more diverse and complex. But while teams typically have the tools to gather the intelligence they need, they often run into trouble with the next steps in the process - enriching, prioritizing and responding to this intel.

In an ideal approach to zero trust, in which every user and device must continually prove their identity, automation is more than a useful tool, it’s essential to your federal agency’s success. You don’t need to take our word for it - security automation and orchestration is mandated by M-22-09 and M-21-31, and forms an integral part of the framework in CISA’s ZTMM (zero trust maturity model).

We sat down with John to tap into his 20+ years of experience in federal security, and explore the most pragmatic approaches to zero trust, along with some pitfalls to avoid.

Few would argue that zero trust has become one of the most important principles of modern cybersecurity programs. But ever since the concept of zero trust security was first popularized by Forrester in 2009, many federal government agencies in the United States (along with private sector companies) have struggled to understand its requirements and implement it effectively. Critically, zero trust does not represent a single security method or a type of technology.

Understanding malware is essential to defending an organization against attacks. Analyzing suspicious applications helps us determine if an alert is a false positive, and the information discovered can be used to help remediate an incident or strengthen a system's defenses against further attacks.

Security teams are busier than ever, so it’s no surprise that practitioners are using podcasts to keep up to date with cybersecurity news, ideas, and tools. The data backs this one up - according to the 2023 Voice of the SOC report, 83% of security professionals listen to at least one security podcast. So which podcasts are practitioners listening to? Our report, which surveyed 900 security professionals in the US and Europe, identifies 9 frontrunners.

In this blog post, Kevin Menezes, Sr. Manager, Customer Success, shares his best practices for getting started with Tines. Over the past decade, I've worked closely with security leaders at all types of organizations, from Fortune 10 companies to organizations with 10 employees, as they deploy new security products to help them optimize and streamline processes. And here's what I've learned - it’s unusual - but not impossible! - to onboard customers quickly.

With the cybersecurity landscape constantly evolving, discussing cybersecurity trends for 2024 can feel like trying to predict the unpredictable. But amid all the uncertainty, trading ideas about the future of security can help us better understand how to prepare for the months ahead. Here, our co-founders Thomas Kinsella and Eoin Hinchy share five cybersecurity predictions for 2024, including insights on AI's role in security, the ever-changing role of the CISO, and more.

While you can build nearly anything in Tines without writing code, users occasionally prefer to use Python scripts to perform a step in their stories. The reasons for this vary, but we're happy to share that there's a simple way to securely execute Python scripts in Tines. So let's take a closer look at how it works, and talk through some best practices for using Python in Tines.