Security News

The coronavirus pandemic presented the perfect opportunity for security teams to evaluate the state of their incident-response process. According to a survey conducted by Red Canary, Kroll and VMware in partnership with Wakefield Research, 45 percent of security leaders said their security spending will either stay the same, if not decrease over the next twelve months.

You need to analyze many potential entry points, attack paths, and data exfiltration tactics to reveal the scope of what took place-all while the culprits are potentially taking steps to cover their tracks. The attacker might then use stolen user credentials to move laterally throughout the network, finally launching a DCShadow attack that uses replication permissions to imitate a domain controller and make changes to Active Directory.

On the face of it, the cloud fundamentally changes how security teams investigate and remediate incidents. The complacent might think that the cloud providers, with all their resources, should have them covered.

The Incident Response services market is in accelerated growth due to the rise in cyberattacks that result in breaches. Cynet is now launching a first-of-its-kind offering, enabling any Managed Security Provider or Security Integrator to add Incident Response to its services portfolio, without building an in-house team of incident responders, by using Cynet's IR team and technology at no cost.

While it's important to engage incident response during a cyber security incident, F-Secure Consulting's global incident response offerings put equal emphasis on readiness as a strategy for mitigating the risk of cyber attacks. In the last 12 months, F-Secure Consulting responded to dozens of major security incidents for organizations across the globe.

Just as security leaders and pros are firming up their policies and strategies to secure hybrid work for the foreseeable future-they get hit with an all-out assault of ransomware attacks. After a year of pandemic-related disruption and an uptick in ransomware and serious cyberattacks of all kinds-just as security leaders and professionals are firming up their policies and strategies to secure hybrid work for the foreseeable future -they get hit with an all-out assault of ransomware attacks.

Anomali announced the availability of its quarterly portfolio update. New capabilities expand visibility for security operations analysts over a wider range of relevant threat intelligence and critical asset data, enable more precise threat detection, and empower users to optimize and speed incident response.

LogPoint launched a content pack for Cortex XSOAR, a security orchestration, automation and response platform from Palo Alto Networks. The integration with Palo Alto Networks Cortex XSOAR builds on the LogPoint strategy to partner with cybersecurity platforms.

Gigamon announced ThreatINSIGHT Guided-SaaS NDR, which was purpose built to improve SOC effectiveness and reduce analyst burnout. ThreatINSIGHT alleviates the three most common problems that continue to plague SOC analysts and incident responders.

With so many companies falling victim to cyberattacks, an entire cottage industry of Incident Response services has arisen. Recently, cybersecurity company Cynet provided an Incident Response plan Word template to help companies plan for this unfortunate occurrence.