Extended detection and response (XDR) is the evolution of endpoint detection and response (EDR), providing optimized threat detection and response that spans security and business tools. In contrast to legacy SIEM approaches and current security analytics platforms, XDR is grounded in EDR, unifying it with other...
Forrester analysts Allie Mellen and Jeff Pollard discuss their new research on the analyst experience, or AX. AX involves how security analysts perceive their interactions with security products, services and processes, and Mellen and Pollard say it can improve the SOC and security analyst workflow.
In this time of heightened consumer expectations, the financial services industry continues to be one of the top targets for cyberattacks. To develop hyper-personalized experiences, financial institutions are engaging with more third-party partners (e.g., traditional competitors, fintech, Big Tech) to share data and...
Despite an arsenal of point products designed to block malware and threats and warn of vulnerabilities that can be exploited by attackers, it is no longer sufficient to rely on traditional defence techniques. While effective in some areas, these approaches are limited, with one of the most important gaps being the...
Organizations build a security operations center (SOC) to protect against the latest cybersecurity threats. But security leaders responsible for a SOC are often peppered with questions about what a SOC does, why it can't be more agile and why breaches still happen after spending so much on security.
The year is ending with a cybersecurity bang - not a whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Threat intelligence can be a useful addition to your security toolkit. It can provide your analysts with information and context they would not have otherwise. There are many factors to consider, including where to obtain the intelligence, how to collect it, how to integrate it, and how much to...
Integrating a complete and powerful SOC solution into your business will help alleviate the risks and workload involved in monitoring and protecting your network. When evaluating SOC options, whether in-house or outsourced, it is important to understand that a SOC’s capabilities will determine the success of your...
Acceleration to the cloud is affecting all industries as organizations take advantage of the flexibility, efficiencies and security benefits of being able to hyperscale their abilities to elastically spin up large-scale environments in seconds. But these new cloud-native and hybrid cloud environments, which use...
Agility and efficiency are often top of mind for every senior executive. However, according to IDG only 49% of security teams are looking for investments in automation, and shockingly, just 37% of security professionals (according to the ISC2 workforce study) have SOC automation on their radar. So what’s holding so...
Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.
A SOAR tool can orchestrate security actions (like investigations, triage, response) across various security products in a team’s arsenal, and automate otherwise manual repetitive security tasks. But not all SOAR tools are created equal. A best-of-breed SOAR solution will provide a set of capabilities