threat detection
Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques
Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) …
PRevent: Open-source tool to detect malicious code in pull requests
Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a …
Strengthening security posture with comprehensive cybersecurity assessments
In this Help Net Security interview, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methodologies, the role of AI …
5 reasons to double down on network security
Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing …
Google launches on-device AI to alert Android users of scam calls in real-time
Google has announced new security features for Android that provide real-time protection against scams and harmful apps. These features, powered by advanced on-device AI, …
Why cyber tools fail SOC teams
A recent Vectra AI report highlights a growing distrust of threat detection tools. 47% of respondents note they do not trust their tools to work the way they need them to. …
Enhancing national security: The four pillars of the National Framework for Action
In this Help Net Security interview, John Cohen, Executive Director, Program for Countering Hybrid Threats at the Center for Internet Security, discusses the four pillars of …
Attackers deploying red teaming tool for EDR evasion
Threat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed. About EDRSilencer The …
Suricata: Open-source network analysis and threat detection
Suricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. Suricata features Suricata …
AI use: 3 essential questions every CISO must ask
In July, Wall Street experienced its worst day since 2022, with the tech-focused Nasdaq falling by 3.6%. The downturn was largely triggered by what commentators suggest is the …
Organizations are making email more secure, and it’s paying off
Compromised identities have been a central component of countless costly breaches this year, according to Red Canary. Rise in identity and cloud-native attacks While most of …
How to make Infrastructure as Code secure by default
Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through …