Unmask cybercriminals through identity attribution
Organized crime has grown more complex since the turn of the century—coinciding with the rise of the digital world, cybercriminals have leveraged the proliferation of …
security operations
SOCs still overwhelmed by alert overload, struggle with false-positives
Security Operations Center (SOC) analysts continue to face an overwhelming number of alerts each day that are taking longer to investigate, leading five times as many SOC …
SOC-as-a-Service promises threat protection in a world of scarce resources
Despite more than a few decades’ worth of technological advancement and millions of dollars’ worth of research, cyber threats continue to flourish. The situation has been …
The persistent struggle to improve SOC productivity reveals the need for newer SIEM technologies
On average, security personnel in U.S. enterprises waste approximately 25 percent of their time chasing false positives because security alerts or indicators of compromise …
The biggest SecOps burdens hindering progress for enterprises and MSSPs
Only 16% of security operations professionals think that their SecOps programs have reached the highest maturity level, according to a Siemplify and Cyentia Institute study. …
Latest trends in automated threat intelligence-driven network security
Since the earliest days of the Internet both network threats and network defenses have been evolving. In this Help Net Security podcast recorded at RSA Conference 2019, Todd …
Machine learning trumps AI for security analysts
Machine learning is currently one of the biggest buzzwords in cybersecurity and the tech industry in general, but the phrase is often overused and misapplied, leaving many …
Detecting malicious behavior blended with business-justified activity
With organizations moving to the cloud and remote workers becoming the rule rather than the exception, the definition of the network is changing. Add to this the increasing …
Five key considerations when developing a Security Operations Center
Ensuring access to a reliable feed of threat intelligence through a security operations center (SOC) is an essential element of many organization’s security strategy today. …
Why humans are necessary to the threat hunting process
For thousands of years, humans have worked to collect intelligence on their enemies. Intelligence gathering is not a new practice; in fact, it is one of the oldest war tactics …
How to create a Hall of Fame caliber cybersecurity playbook
Whether the sport is football, basketball or hockey, all the best coaches have playbooks and reports with the latest information on opponents. They study the playing field and …
How metrics can enhance the effectiveness of security programs
For anyone responsible for maintaining their organization’s security posture, the findings from the SANS 2018 Security Operations Center (SOC) Survey should come as no …