Security News

Without proper planning, organizations adopting security automation tools can fall victim to common missteps that quickly lead to less efficiency and a weaker security posture. Start by examining the processes and procedures your organization's security team already has in place and identify the tasks that consume the majority of team member's time.

Vulnerabilities discovered by researchers in Rockwell Automation's FactoryTalk Linx product can allow attackers to compromise engineering workstations in industrial environments. FactoryTalk Linx, formerly known as RSLinx Enterprise, is a widely used product designed for connecting Allen Bradley programmable logic controllers to Rockwell applications, including for programming, data acquisition and HMI interaction.

Automation will play a major role in shaping cybersecurity attack and defence activities in 2021, WatchGuard predicts. Traditionally a high-investment, high-return targeted attack, in 2021 automation tools will replace manual techniques to help cybercriminals launch spear phishing campaigns at record volumes, by harvesting victim-specific data from social media sites and company web pages.

Rockwell Automation announced the release of new industrial PCs and software to markedly improve the reliability and security of visualization applications. The new industrial Allen-Bradley VersaView 6300 PCs and thin clients combine with FactoryTalk View human-machine interface software and ThinManager thin-client management software to create a complete visualization system.

A critical vulnerability uncovered in Real-Time Automation's 499ES EtherNet/IP stack could open up the industrial control systems to remote attacks by adversaries. RTA's ENIP stack is one of the widely used industrial automation devices and is billed as the "Standard for factory floor I/O applications in North America."

Flashpoint already produces the industry's highest-quality threat intelligence from online illicit communities. By integrating CRFT's no-code security automation into Flashpoint's product suite, the company is now positioned to empower Cyber Threat Intelligence, Fraud, and Security teams to take rapid, automated action from inbound intelligence and event-based alerts.

SaltStack has officially revealed three bugs in its code - two of them seemingly critical - and told users: "We strongly recommend that you prioritize this update." But the biz appears to have known about the bugs for months and quietly patched them over the summer. SaltStack offers open-source, Python-based automation tools.

CyberSaint announced new updates to the CyberStrong platform allowing customers to drastically reduce manual intervention previously necessary to assess, manage, and communicate cyber and IT compliance and risk posture. CyberStrong is purpose-built for enterprises looking to transform their cyber risk management programs through automation in the wake of extensive digital transformation initiatives.

These findings indicate that as SOCs continue to mature, they will deploy next-gen tools and capabilities at an unprecedented rate to address gaps in security. Further, the scale of technology needed to secure today's digital assets means SOC teams are relying more heavily on tools to effectively do their jobs.

Despite 88% of cybersecurity professionals believing automation will make their jobs easier, younger staffers are more concerned that the technology will replace their roles than their veteran counterparts, according to a research by Exabeam. "The concern for automation among younger professionals in cybersecurity was surprising to us. In trying to understand this sentiment, we could partially attribute it to lack of on-the-job training using automation technology," said Samantha Humphries, security strategist at Exabeam.