Security News

Learn about 5 powerful cloud security automations with Blink Ops to simplify security operations like S3 bucket monitoring, subdomain takeover detection and failed EC2 login detection. [...]

Google updates Google Security Operations and more with Gemini AI. Google is combining the security capabilities of information security company Mandiant and malware scanner VirusTotal with Gemini AI and Google's own user and device footprint in a new offering called Google Threat Intelligence. Available May 6 wherever Google Cloud Security is distributed, Google Threat Intelligence uses Gemini AI to get a top-down look at security data, competing with Microsoft's Copilot for Security.

Lastly, do something outside of work that encourages team collaboration. With the rise of cloud models and hybrid cloud paradigms, how have the roles of NetOps and SecOps evolved, and what challenges does this pose for team alignment?

Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute1, “only 59% of organizations say their cybersecurity strategy has changed...

There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. As more vendors attempt to challenge the dominant players in the SIEM category, demand is increasing for solutions that offer automation, which can cover 80%, while also offering customization capabilities to cover bespoke use cases - the remaining 20%. With the continual surge in global data creation, organizations are inevitably seeing an uptick in the number of alerts managed by security teams.

According to the surveyed DevOps and SecOps leaders, 97% are using the technology today, with 74% reporting they feel pressure to use it despite identified security risks. While DevOps and SecOps respondents hold similar outlooks on generative AI in most cases, there are notable differences with regards to adoption and productivity.

As attack surfaces expand and applications become more complex, regular pen tests become a crucial component of a strong web application security posture. Pen testing is often conducted periodically, which results in a "Security sprint" every time a new test is scheduled.

Security operations teams are spending their days looking for known vulnerabilities and watching for new threats. Once compiled, SecOps can begin to assess security gaps and risks to those operations and combine that with their knowledge of adversaries targeting their company or industry.

Organisations have work to do if they want to attract and retain diverse talent in their security operations teams, according to SOC.OS and Sapio Research. 23% or respondents said they're struggling to incentivise, motivate and retain their SecOps teams.

There is an alternative way for procuring security expertise: by retaining the services of managed security service providers and managed detection and response providers. MSSPs usually assist organizations' IT departments in managing the IT infrastructure and keeping it secure by managing security equipment/systems, monitoring security logs, supervising patch management, and similar preventative security measures.