security operations Archives - Help Net Security

security operations

Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)

July 21, 2021

A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, …

The impact of current and emerging threats on the day-to-day lives of SecOps teams

June 25, 2021

More than half of IT and cybersecurity professionals noted ransomware or zero-day attacks as the biggest threats to their organization, according to a Deep Instinct survey. …

New tool allows organizations to customize their ATT&CK database

June 23, 2021

MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber …

SOC burnout is real: 3 preventative steps every CISO must take

June 23, 2021

Consider this scenario: Morgan, a level 3 security analyst, arrives to a twelve-hour security operations center (SOC) shift and finds a message that a network sensor is …

Guidance to help cyber threat intelligence analysts apply MITRE ATT&CK

June 8, 2021

CISA has partnered with the Homeland Security Systems Engineering and Development Institute (HSSEDI), which worked with the MITRE ATT&CK team, to issue guidance to help …

Challenges and benefits of using threat data feeds

March 25, 2021

Threat data feeds can help organizations strengthen their cybersecurity posture, according to a report from the Ponemon Institute. As cyberthreats proliferate, many …

Rapid increase in security tools causing alert fatigue and burn out

March 22, 2021

On average, enterprises maintain 19 different security tools, with only 22% of such tools serving as vital to primary security objectives, a ReliaQuest survey reveals. The …

Alert overload still plagues cybersecurity industry

March 11, 2021

Alert overload still plagues the cybersecurity industry, according to Critical Start. Forty-seven percent of respondents reported personally investigating 10 to 20 alerts each …

Why do enterprise SOC teams need CIEM now?

February 18, 2021

What is CIEM? Among the many changes of 2020, Gartner added a new category: cloud infrastructure entitlement management (CIEM). While CIEM may sound similar to SIEM (security …

Top 10 most used MITRE ATT&CK tactics and techniques

February 16, 2021

Which tactics and techniques are cyber attackers favoring? vFeed has compiled a list of the Top 10 Most Used MITRE ATT&CK Tactics and Techniques to help security teams …

Security automation: Time for a new playbook

December 16, 2020

From increasingly sophisticated threats to the mad concoction of on-premise and cloud solutions that comprise most organizations’ IT infrastructure and the plethora of new IoT …

Which security practices lead to best security outcomes?

December 2, 2020

A proactive technology refresh strategy and a well-integrated tech stack are, according to a recent Cisco report, two security practices that are more likely than many others …