Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks,” that allow you to codify your security standard operating procedures into reusable templates.

It’s no secret that the rapid speed of modern software development means an increased likelihood of risky flaws and vulnerabilities in your code. Developers are working fast to hit tight deadlines and create innovative applications, but without the right security solutions integrated into your processes, it’s easy to hit security roadblocks or let flaws slip through the cracks.

Dashboards are an integral part of a SIEM solution as they help you in visualizing the security of your organization’s technical infrastructure in real-time. In our last article, we discussed in detail about the pre-configured dashboards on Logsign SIEM and the information they present for your security team. From threat intelligence to identity management, what types of dashboards are available under each category.

Managing the demands of a distributed workforce — especially across multiple time zones and countries — is difficult in the best of times. Now, in the time of the Coronavirus, security leaders are being asked to manage new productivity tools at unprecedented speeds while keeping data security top of mind. As more companies add Slack to their communications and productivity stacks, security policies are being tested in new ways.

So far in our blog series, we have discovered that there is a high understanding of the threats that bots cause across all industries. We recently carried out a survey of 200 UK enterprises across e-Commerce, financial services, entertainment and travel. In part three of our blog series, we discussed how bots are affecting different industries. There is very little need to explain to businesses that bots can be a problem.

I listened in on a neat webcast recently, which was jointly produced by AT&T Cybersecurity and Palo Alto Networks: “Preparing for Zero Trust and Planning your Strategy.” Panelists were John Kindervag, Field CTO, Palo Alto Networks, Steve Sekiguchi, Director, AT&T Chief Security Office, Bindu Sundaresan, Director, AT&T Cybersecurity and Tawnya Lancaster, Lead Product Marketing, AT&T Cybersecurity.

Security configuration management (SCM) can help organizations do much more than just harden their attack surfaces against intrusions. This fundamental control also has the ability to make your audits flow more smoothly. Indeed, it allows organizations to pull reports from any point in time and demonstrate how their configuration changes and alignments help to support their compliance efforts.

Security incidents are often hard to detect and tend to go unnoticed for far too long. They’re also time-consuming to investigate, since gathering evidence and correlating facts may take months or even years. For instance, the graphic design website Canva became aware of the theft of user credentials for almost a million accounts only seven months after the actual incident. That’s why it’s better to put your effort into preventing incidents rather than handling their consequences.

It was the day before a holiday break, and everyone was excited to have a few days off to spend with friends and family. A skeleton crew was managing the security operations center, and it seemed as though every other team left early to beat the holiday traffic. Every team other than the vulnerability management (VM) team that is. Just before it was time to leave for the day, and the holiday break, the phone rang.

The cybersecurity of industrial systems is becoming a hot topic in today’s headlines. Since connectivity to external networks is being increased significantly, security is becoming the priority in industrial IT and Operational Technology (OT). Many organizations don’t have a reliable cyber defense against their OT assets.