A step-by-step tutorial showing how to configure and use NDR Active Threat Intelligence in Sophos Firewall, simulate detections, and investigate high-risk activity in Sophos Central.
Most teams buy detection on a single number. The datasheet says “millisecond detection,” the proof-of-concept fires the instant a test payload lands, and the box gets checked. Then a real AI agent incident runs in production, and the postmortem shows the attack completed its objective well before anyone contained it, even though the alert, technically, fired in milliseconds. The number was real. It just measured the wrong thing.
A compromised agent doesn’t make a single call it isn’t allowed to make. It queries a table it’s authorized to read, calls a tool it’s authorized to use, sends to a domain that’s on the allowlist. Every call is legal. The attack is in the values it passes, and your tool-call log records all of it as a clean day’s work. A tool call has two layers. Almost every tool you run reads only the first one, the call itself: which tool, in what order, at what rate.
The QKS Group SPARK Matrix™ provides competitive analysis & ranking of the leading DTIM vendors. Securonix (ThreatQ), with its comprehensive platform, has received strong ratings across technology excellence and customer impact.
Modern SOCs face a difficult reality: attackers are moving faster while analysts are being asked to investigate more alerts than ever. Learn how agentic triage helps security teams move from alert overload to evidence-backed investigations. Rather than relying on opaque AI outputs, the approach uses expert-written playbooks and exposes the underlying queries and evidence so analysts can verify conclusions against raw network data.
The Zero-Lag Posture: See how UpGuard is moving beyond static defense to a model that identifies emerging vectors like MCP servers and neutralizes browser-based threats in real time.
CrowdStrike Cloud Detection & Response enables defenders to detect and stop attacks instantly, not just on workloads, but also in the cloud control plane.
Two recent industry reports validate CrowdStrike’s leadership in the identity threat detection and response (ITDR) market. Identity is the front line of modern cyberattacks: today’s adversaries log in and use legitimate identities to move laterally, escalate privileges, and operate inside legitimate sessions as trusted users.
Continuous threat exposure management, or CTEM, is a five-stage program framework for continuously reducing real-world security exposure. It builds on vulnerability scanning by adding risk-informed prioritization, validation of exposure conditions and control effectiveness, and cross-team mobilization to drive remediation.
Use the Sophos Central Self Service Portal to perform daily email tasks without the need for a network administrator, including managing quarantined messages, allowing or blocking senders, and using the Emergency Inbox in the event of a service outage.