Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

An important piece of cybersecurity, SOAR solutions provide a single location for you to observe, understand, and decide how to respond to security incidents. Short for security orchestration, automation and response, true SOAR solutions are operational tools that can be very flexible and powerful, useful even beyond security use cases. In this article, we’ll explore what SOAR is, why it’s important for enterprises and how you can get the most value from your SOAR solution.

In the ever-evolving landscape of cybersecurity, the battle against ransomware has taken a concerning turn. According to the latest findings from Secureworks annual State of the Threat Report, the deployment of ransomware is now occurring within just one day of initial access in more than half of all engagements.

The ransomware attack on ICBC Financial Services caused disruption of trading of U.S. Treasuries and marked a new level of breach that could have massive repercussions. When we saw the attack on the Colonial Pipeline back in 2021, the impact was felt throughout the Southeast United States. Any attack on key businesses that keeps an economy running will have some form of impact should the attack be successful.

A phishing campaign is impersonating Disney+ with phony invoices, according to researchers at Abnormal Security. The phishing emails targeted individuals at 22 organizations in September. “The first step in this multi-stage attack is a seemingly auto-generated notification email informing the target of a pending charge for their new Disney+ subscription,” the researchers explain.

The Pan-American Life Insurance Group (PALIG) provides various insurance plans across the states and beyond. PALIG employs more than 2,100 staff and has a 110-year history of providing insurance to those needing it. Companies and individuals turn to PALIG in their time of need, and PALIG returns the favor by providing high-quality insurance options.

Amazon EC2 is the most popular cloud computing environment and powers a great part of the Internet. Accessing EC2 Instances is done using SSH, which typically involves generating and managing SSH Keys. This is not easy when you have a large fleet/team.

More than two years after the major U.S. pipeline ransomware incident, the SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team has released a new report revealing that 90% of the largest global energy companies have experienced a third-party breach in the past 12 months. This research highlights the uphill battle faced by the energy industry in combating emerging threats across the supply chain.

The risk of data breaches has become an omnipresent concern for businesses and organizations. And as technology continues to evolve, so do the tactics of cybercriminals. One critical aspect of cybersecurity strategy involves preparing for and responding to third-party data breaches. A well-constructed response playbook is indispensable in mitigating the potential damages and ensuring a swift recovery.

Some things, like choosing tools, are perennial problems. Others, like complete security team turnover, seem to be a more recent development within my circles. But either way, staff turnover has ripple effects that are not always immediately apparent. Let’s take a look.

As the new year approaches, security professionals and analysts alike are taking a step back to review what has transpired over the past twelve months. At Devo, 2023 was an exciting year full of change and progress. As we look forward to 2024, we want to take some time to reflect on Devo’s year across product enhancements, analyst recognition, partnerships, and community engagement.