
SOC Metrics: Security Metrics & KPIs for Measuring SOC Success

The Security Operations Center (SOC) is the central unit that manages the overall security posture of any organization. Knowing how your SOC is performing is crucial, so security teams can measure the strength of their operations. This article describes SOC metrics, including their importance, common SOC metrics, and the steps SOC teams can take to improve them.

Securing your enterprise: The importance of a security operations center

The world is increasingly embracing cloud technology. The fact that the cloud requires minimal infrastructure and operational costs is attracting enterprises to shift to it. Remote and hybrid work modes following the pandemic have added to the continued rise of the cloud.

How Torq Hyperautomation Reinvents Security Case Management

For years, efficient Case Management has been one of the single most challenging tasks for security operations professionals. It involves ensuring all threats are proactively identified and prioritized based on risk criticality, and then rapidly investigated and appropriately elevated across all organizational cybersecurity platforms and tools. Optimally, it sets up a near-bulletproof incident response posture that makes the most of an organization’s cybersecurity ecosystem.

Leveling Up Security Operations with Risk-Based Alerting

In life, you get a lot of different alerts. Your bank may send emails or texts about normal account activities, like privacy notices, product updates, or account statements. It also sends alerts when someone fraudulently makes a purchase with your credit card. You can ignore most of the normal messages, but you need to pay attention to the fraud alerts. Security is the same way.

Using Co-Managed SOC to Derive Maximum Value from a SIEM Investment

Security information and event management (SIEM) systems are crucial to cyber security, providing a solution for collecting and analyzing alerts from all manner of security tools, network infrastructure, and applications. But simply having a SIEM is not enough: to be truly effective, it must be properly configured, managed, and monitored 24x7.

Consider This: Login Credentials

Login credentials are of great value to cybercriminals, which is why they have a lot of tricks, tactics, and techniques for obtaining user names and passwords. In this episode of "Consider This," we hear a story of a legitimate-looking email leading to a co-worker's world being turned upside down. Learn more about how to engage and prepare employees to recognize and neutralize social engineering attacks with Arctic Wolf's Managed Security Awareness.

SecOps In Seconds: Creating Response Templates in Splunk Mission Control

Streamline your workflows by improving SOC process adherence when you codify your operating procedures into pre-defined templates. Use Splunk Mission Control to speed up investigations with pre-built response templates that include embedded searches, actions, and playbooks to empower security analysts. Model your response plans based on pre-built templates that can be used for security use cases such as “Encoded PowerShell Response”, “Insider Threat” or “Ransomware”. Or build your own templates based on your established processes that are scattered across systems to finally achieve repeatable security operations. This allows you to close the gap between your Splunk ES detections and rapid incident response.