Security News

92% of network security and operations pros say there are more network updates needed than they can keep up with. While 61% of companies only upgrade network and security devices quarterly or less frequently, 48% of survey respondents say their company has not implemented or invested deeply in network automation, opening them up to security breaches and other serious issues.

We're now making cloud security automation easier for you by releasing CIS hardening components in EC2 Image Builder on Amazon Web Services. Our CIS hardening components help give you more options for building a golden image, especially when you need to automate your image creation process.

Up until now, much of these advancements in automation have been focused on response, with SOAR and incident response tools playing an instrumental role in tackling the most urgent phase of the SOC workflow. By breaking down the SOC workflow into phases, it is easy to see more instances where automation can improve the speed and efficacy of security teams.

This is where automation is critical to scale security and compliance. Automation enables compliance and security standardization.

Robotic Process Automation promises numerous benefits to organizations investing in it, including increased worker productivity, the automation of tedious and monotonous tasks, and improved efficiency. According to Deloitte, it's a market that will reach a value of more than $2.9 billion globally prior to 2023.

Security Compass has published the results of a research study examining developer views on application security, including the challenges and opportunities they face in their secure development efforts. In order for software developers and security teams to effectively collaborate and ensure that a company's software products are secure, developers need automated, current, relevant, and actionable JITT training embedded into their development tools and processes.

Speed, cost reduction and reduced risk: just three of the benefits of Infrastructure-as-Code. Despite the immense business value IaC can yield, getting to and operating a state of automated infrastructure management is not always straightforward.

Like Microsoft's new security patch technology, SOC automation intends to both improve an enterprise's security posture and reduce the burden on security engineers and security analysts. The real work of the SOC continues to be handled by security engineers who maintain the tools and the security analysts who have the insights that can assess attacks and determine what the organization should do to address threats.

A Chinese-speaking threat actor has hacked into the building automation systems of several Asian organizations to backdoor their networks and gain access to more secured areas in their networks. The APT group, whose activity was spotted by Kaspersky ICS CERT researchers, focused on devices unpatched against CVE-2021-26855, one of the Microsoft Exchange vulnerabilities collectively known as ProxyLogon.

CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service condition, among others. CODESYS is a software suite used by automation specialists as a development environment for programmable logic controller applications.