SecOps

Going Native: A Cloud-Shift Strategy for Your Security Operations Team

Nov 9, 2021 By Nipun Gupta In Devo

The shift to the cloud has greatly accelerated during the past year, and with that shift most cybersecurity incidents now involve cloud infrastructure. According to the 2021 Verizon Data Breach Investigations Report, 73% of cybersecurity incidents involved cloud assets — a 27% increase from last year. The 2021 IBM Security X-Force Cloud Threat Landscape Report also found there are 30,000 cloud accounts potentially for sale on dark web marketplaces.

Read Post

Devo

Read more about Going Native: A Cloud-Shift Strategy for Your Security Operations Team

Play Now with BOTS Partner Experiences: Corelight

Nov 9, 2021 By John Stoner In Splunk

In December 2019, a small team met at the Splunk office in Boulder to figure out how we could provide a 24x7x365 experience for Boss of the SOC (BOTS). As we started brainstorming, this broadened to include workshops to provide an opportunity to learn in addition to a place to play.

Read Post

Splunk

Read more about Play Now with BOTS Partner Experiences: Corelight

XDR: Demystifying the Hottest Cybersecurity Buzzword

Nov 8, 2021 By Ian McShane In Arctic Wolf

Extended detection and response (XDR) has transpired into a market description that, in my not so humble opinion, proves to be as troublesome as the phrases “next gen” or “machine learning” were from 2016 to 2020. I’ll quote myself from a popular blog post from my time at Gartner: Naming aside, the one thing that all InfoSec commentators agree on is that XDR is an evolution of the endpoint-centric approach pioneered by legacy security vendors.

Read Post

Arctic Wolf

Read more about XDR: Demystifying the Hottest Cybersecurity Buzzword

Arctic Wolf Cloud Detection and Response

Nov 8, 2021 By Arctic Wolf In Arctic Wolf

The cloud has changed the way we work. Accelerate your cloud transformation and have confidence your business is secure–with Arctic Wolf Cloud Detection and Response. Built atop the cloud-native Arctic Wolf platform, Cloud Detection and Response allows you to experience an effective way to secure activity across both infrastructure as a service platforms–like AWS, Microsoft Azure, and Google Cloud Platform, and applications–such as Microsoft 365, Salesforce, Google Workspace, Box, and Workday.

View Video

Arctic Wolf

Read more about Arctic Wolf Cloud Detection and Response

Increase SOC Effectiveness with Streaming Analytics

Nov 3, 2021 By Paride Letizia In Devo

Operating an effective SOC requires overcoming a wide range of challenges. Often, security teams have too many disparate tools to manage, too many alerts to make sense of, and too many data sources that prevent the team from achieving full visibility. All these hurdles can make it difficult for your SOC analysts to identify and quickly respond to suspicious behavior and indicators of compromise.

Read Post

Devo

Read more about Increase SOC Effectiveness with Streaming Analytics

Five Pillars of a Powerful Security Awareness Program

Nov 2, 2021 By Nathan Caldwell In Arctic Wolf

It seems that we might be getting to the tipping point in the corporate world where most organizations and businesses recognize they’re exposed to an increasing amount of cybersecurity risk. And with bad guys devoting a large portion of their strategy to targeting employees, the need for effectively training employees is intensifying. But before you begin to evaluate or build a program you need to first define and cement what it is you are looking to accomplish with your program.

Read Post

Arctic Wolf

Read more about Five Pillars of a Powerful Security Awareness Program

How to Automate the Handling of Suspicious User Behavior

Nov 1, 2021 By Theo Despoudis In Torq

We live in a technological society, and cyber attacks are on the rise. Much of this fraudulent activity is linked to malicious actors or gangs of cyber criminals who are trying to exploit anything they can get their hands on. By using tools like Cobalt Strike or customized alternatives, they attempt to penetrate an organization's defenses in order to gain leverage, exfiltrate PIIs, plant ransomware or CnC beacons, or perform other kinds of malicious acts.

Read Post

Torq

Read more about How to Automate the Handling of Suspicious User Behavior

7 Tips To Boost Performance of Your Splunk Enterprise Security Operations

Nov 1, 2021 By Splunk In Splunk

Tune in to this Tech Talk to learn how to optimize CPU and Memory usage to achieve considerable costs savings, how the built-in monitoring console and Enterprise Security auditing page can provide better visibility into how your SIEM is performing, and how to empower your team with bottleneck root cause analysis and performance tuning skills to scale your ES operations.

View Video

Splunk

Read more about 7 Tips To Boost Performance of Your Splunk Enterprise Security Operations

Converging Platforms: How Do XDR, SIEM, and SOAR Compare?

Nov 1, 2021 By Arctic Wolf

Security information and event management (SIEM), security orchestration, automation, and response (SOAR), and the newer extended detection and response (XDR) solutions have become the top choices for organizations wanting a unified view of activity within their IT environments. By combining relevant data into single consoles, XDR, SIEM and SOAR technologies minimize the time analysts spend moving between platforms and make it easier to correlate the data and develop subsequent steps appropriately.

Get White Paper

Arctic Wolf

Read more about Converging Platforms: How Do XDR, SIEM, and SOAR Compare?

Arctic Wolf Platform for the HIPAA Security Rule

Nov 1, 2021 By Arctic Wolf

The Health Insurance Portability and Accountability Act (HIPAA) Security Rule focuses on the safeguarding of electronic protected health information (ePHI) through the implementation of administrative, physical, and technical safeguards.

Get White Paper