Does your SOC have a Triad Strategy that includes network-based detection? While the combination of Security Information and Event Management (SIEM) along with Endpoint Detection and Response (EDR) improves security, a day in the life of a SOC analyst is still stressful due to a constant flood of misleading alerts....
Your machine data has a record of all of the activity that takes place across your infrastructure. It's become the single most valuable asset in the enterprise, as the secrets to business optimization lie within the scores of microtransactions, including the ability to detect, investigate and respond to threats. And...
Some security experts have prophesied the demise of traditional Intrusion Detection and Prevention Systems (IDPS) for almost 20 years, but this cornerstone of network security continues to soldier on. While next-generation firewalls have added IDPS functionality, they are driven more by policies than true threat...
In 2018, the Cybereason Research team identified a series of attacks targeting telecommunications companies. These attacks shared the same TTPs and consisted of a webshell execution followed by the deployment of Poison Ivy, a well-known RAT attributed to Chinese APT groups.
Security operations (SecOps) and network teams (NetOps) have traditionally acted separately, but increasing IT complexity and scale means that aligning these two groups is a critical step towards delivering a fast and secure user experience.
A recent global SANS Institute survey found that only 30 percent of SecOps...
The SANS 2019 Security Operations Survey focuses on how organizations worldwide are adapting to technological shifts and keeping their businesses safe against constantly innovating attackers.
Download this white paper to learn about SOC best practices and more:
Network-based detection tools had the highest levels...
Even after implementing SOAR, SIEM, IDPS and other technologies to improve security insights, companies still spend thousands of hours triaging alerts that are mostly false positives. Given the ever-increasing volume of alerts, SOC teams are forced into a "do what you can do" strategy that focuses on high-value, high...
Popular business applications are increasingly delivered through the cloud using a software-as-a-service (SaaS) model, and cybersecurity applications are no exception. This is good news for small to midsize enterprises (SMEs) that don't have the budgets for in-house security technologies like a SIEM, and lack security...
Many of today's companies are hesitant to adopt new security technologies - particularly AI. The truth is AI is successfully disrupting many areas of security operations and shifting us away from the traditional SOC and man-led threat intelligence.
In this webinar, Chris Calvert will introduce the concept of...
Hiring and keeping good IT/security practitioners can be tough, so once you've got good talent you'll need to work to keep them.
Download this eBook and learn ways to keep your security analysts happy by:
Getting your security tools in order;
Building a feedback loop to stop false positives;
Setting a tone for...
Understanding the true costs of building and operating a security operations center has more to do with the capability you'd like to field than the people you need to hire to run it 24x7.
Download this eBook and learn:
The different levels of SOC capabilities;
How to determine which level is right for your...
When you have limited resources and a large attack surface to protect, smart prioritization is crucial. Frameworks like the Center for Internet Security (CIS) Top 20 Critical Security Controls are designed to help you make those difficult decisions, but a framework is only useful if you've got the resources to follow...
Encryption is skyrocketing both inside corporate networks and on the public internet - and studies show that more and more attackers are using this trend to hide their activities from your SOC:
70% of malware binaries sampled in the 2018 Annual Cybersecurity Report from Cisco took advantage of encrypted network...
You've heard the AI evangelists, but how can you ensure the AI solution you invest in is an intelligent, cognitive solution that can make your job easier?
The no-hype answer centers around making sure it can learn and can be proactive. It should automate your repeatable tasks to mitigate fatigue and solve what...
This report provides a snapshot of events investigated by the eSentire Security Operations Center in 2018. With the exponential growth of cyber threats being a common theme in 2018, 2019 will present significant challenges for security teams looking to stay ahead of threats.
The 2018 Annual Threat Report provides...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.
