security operations

Combating vulnerability fatigue with automated security validation
Security operations teams have been dealing with “alert fatigue” for far too long. The introduction of log monitoring (e.g., SIEM), firewall, and AV technologies over two …

Automation is not here to close the cybersecurity skills shortage gap, but it can help
In this interview with Help Net Security, Daniel Clayton, VP Global Security Services and Support at Bitdefender, talks about the cybersecurity skills shortage gap and the …

Phishing attempts: Employees can be the first line of defense
33% of emails employees report as phishing attempts are either malicious or highly suspect, according to new research. The finding comes from an analysis of emails reported by …

How enterprises use security operations to modernize their business
CyberRes published a report which provides insights into how enterprises are utilizing security operations to modernize their business, secure the digital value chain and …

Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)
A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, …

The impact of current and emerging threats on the day-to-day lives of SecOps teams
More than half of IT and cybersecurity professionals noted ransomware or zero-day attacks as the biggest threats to their organization, according to a Deep Instinct survey. …

New tool allows organizations to customize their ATT&CK database
MITRE Engenuity has released ATT&CK Workbench, an open source tool that allows organizations to customize their local instance of the MITRE ATT&CK database of cyber …

SOC burnout is real: 3 preventative steps every CISO must take
Consider this scenario: Morgan, a level 3 security analyst, arrives to a twelve-hour security operations center (SOC) shift and finds a message that a network sensor is …

Guidance to help cyber threat intelligence analysts apply MITRE ATT&CK
CISA has partnered with the Homeland Security Systems Engineering and Development Institute (HSSEDI), which worked with the MITRE ATT&CK team, to issue guidance to help …

Challenges and benefits of using threat data feeds
Threat data feeds can help organizations strengthen their cybersecurity posture, according to a report from the Ponemon Institute. As cyberthreats proliferate, many …

Rapid increase in security tools causing alert fatigue and burn out
On average, enterprises maintain 19 different security tools, with only 22% of such tools serving as vital to primary security objectives, a ReliaQuest survey reveals. The …

Alert overload still plagues cybersecurity industry
Alert overload still plagues the cybersecurity industry, according to Critical Start. Forty-seven percent of respondents reported personally investigating 10 to 20 alerts each …