Security News

Kerry Matre, senior director at Mandiant, discusses the appropriate metrics to use to measure SOC and analyst performance, and how MTTR leads to bad behavior. In a SOC measuring analyst activity with MTTR can drive the wrong behavior.

More than half of IT and cybersecurity professionals noted ransomware or zero-day attacks as the biggest threats to their organization, according to a Deep Instinct survey. The report highlights current and emerging threats, the impact these have on the day-to-day lives of SecOps professionals, and how automation will play a significant role moving forward.

Endace announced a strategic partnership with Corelight that will provide security teams with rich insights and detailed forensic data that accelerate the process of detecting, analyzing and responding to network security threats. Corelight sensors produce rich, protocol-specific logs for incident response and threat-hunting workflows within any SIEM. When integrated with EndaceProbe Analytics Platforms these logs include "Pivot-to-Vision" links which connect SIEM events to the related packet data recorded by the EndaceProbes on the network.

Siemplify released a research that studies how the sudden shift to remote work during the COVID-19 pandemic has affected SecOps analysts' ability to perform their jobs and the impact on overall security postures. The overall cybersecurity posture has remained strong due to greater investments in security automation technologies and reliance on managed security service providers, potentially paving the way for many security operations centers to become permanently remote, a Siemplify survey reveals.

Collaboration is a hallmark of successful security teams. Managers of all the security teams can see the analysis unfolding, which allows them to act when and how they need to, coordinating tasks between teams and monitoring timelines and results.

AppViewX has recognized and responded to wide-spread customer demand for full lifecycle management of symmetric data encryption keys, by adding Cryptsoft's KMIP Server to their platform. Cryptsoft's market proven KMIP server and KMIP client technology has been licensed by AppViewX to provide the technical foundation for their platform's key management capability.

Deepwatch announced deepwatch Lens Score, a fast, easy to use application for CISOs and those who are accountable for measuring, monitoring, and improving their company's overall security operations maturity. "We collaborate closely with our customers' CISOs and have a comprehensive understanding of the challenges they face. CISOs are universally accountable for answering three questions," explained Charlie Thomas, CEO. "How mature is my Security Program? How do I compare to my peers? What one thing should I do next to better secure my business?" deepwatch created deepwatch Lens Score to provide security leaders with an ongoing view into their security posture and precisely what they can do to improve it over time.

These findings indicate that as SOCs continue to mature, they will deploy next-gen tools and capabilities at an unprecedented rate to address gaps in security. Further, the scale of technology needed to secure today's digital assets means SOC teams are relying more heavily on tools to effectively do their jobs.

According to the just-released 2020 State of Security Operations survey of 314 enterprise security professionals, enterprise security teams around the world feel that they struggle with the growing pace, volume and sophistication of cyberattacks. Thanks to manual triage processes and disparate and legacy security tools permeating most environments, 28 percent of alerts are simply never addressed, the survey, released Thursday, found.

While 5G sometimes seems like the panacea for just about everything, it will likely intensify the already common friction between NetOps and SecOps teams that will take part in deployments and operations of the 5G mobile network. 5G standardization has an enhanced security framework over 4G, but there are various new implementations and complexities of design, and NetOps and SecOps teams need to come together to achieve greater agility and accommodate changes and challenges to their new mobile networks more quickly and more efficiently.