Security News
The cloud-based model provides a fast, flexible solution for enterprises and MSSPs who can access its single, centralised interface to gain valuable intelligence and context on threats, reducing incident response times from hours to minutes. SIRP's SOAR platform is designed to help organizations struggling with a growing number of security alerts by helping teams decide where incident responders should focus their activity.
Farsight Security launched Farsight DNSDB for IBM Security SOAR, which integrates Farsight DNSDB with IBM Security SOAR, formerly Resilient, the company's security orchestration, automation, and response solution. Through this integration, Farsight DNSDB and IBM Security SOAR enable security analysts to automatically contextualize incidents and add to their existing workflows to measurably reduce the number of unknown domain names, IP addresses, name servers, mail exchanger records and other DNS-related assets, in seconds.
Cyberbit announced that XSOAR is now available on Cyberbit and is integrated into hands-on incident response simulation exercises. XSOAR, from Palo Alto Networks, will be added to a growing list of market leading cybersecurity products available within the Cyberbit Skills Development Platform, including the Palo Alto Networks Next Generation Firewall, leading SIEM solutions, Endpoint Security solutions and more.
Arista Networks announced an Attack Surface Assessment, an advanced security service delivered through the recent acquisition of Awake Security. "To make matters worse, sponsored groups can steal intellectual property and attack resources that are now in the wild. Big companies and banks are still getting hacked and technologies like IoT are huge threats. We need to reboot security and make it simple to manage. I believe Arista Networks is simplifying security."
LC: Trying to plug IT security on top of operations has caused the water to be bloodied for many years, often times there are very hostile relationships between the IT and the operational teams because IT security's been trying to force what we consider standard cyber security models on top of the OT systems, and it just doesn't work. So if you don't have basic incident response preparation done in either your IT or OT environment, you're going to see spending a lot more money when you have an incident to have it done by your consulting incident respondent, or even your on staff highly paid incident responders.
The U.S. Federal Energy Regulatory Commission and the North American Electricity Reliability Corporation last week released a report outlining cyber incident response and recovery best practices for electric utilities. The study is based on information provided by experts at eight U.S. electric utilities of various sizes and functions, and its goal was to help the industry improve incident response and incident recovery plans, which authors of the study say help ensure the reliability of the bulk electric system in the event of a cybersecurity incident.
Cybersecurity agencies in Australia, Canada, New Zealand, the United Kingdom, and the United States have published a joint advisory focusing on detecting malicious activity and incident response. Best practice incident response procedures, the report notes, start with the collection of artifacts, logs, and data, and their removal for further analysis, and continue with implementing mitigation steps without letting the adversary know that their presence in the compromised environment has been detected.
Palo Alto Networks announced on Monday that it has agreed to acquire incident response and digital forensics consulting firm The Crypsis Group. Under the terms of the agreement, Palo Alto Networks will pay $265 million in cash, subject to adjustment, to acquire Crypsis.
Many companies today have developed a Cybersecurity Incident Response plan. It's a sound security practice to prepare a comprehensive IR plan to help the organization react to a sudden security incident in an orderly, rational manner.
In April 2020, Cynet launched the world's first Incident Response Challenge to test and reward the skills of Incident Response professionals. Providing the thought process and detailed steps to solve each of the challenges will serve as a training aid and knowledge base for incident responders.