Security News
Up until now, many of these advancements in automation have been focused on response, with SOAR and incident response tools playing an instrumental role in tackling the most urgent phase of the SOC workflow. By breaking down the SOC workflow into phases, it is easy to see more instances where automation can improve the speed and efficacy of security teams.
Gurucul announced the results of a Black Hat USA 2022 survey of security professionals. Respondents indicated that insider threats were the most difficult type of attack for SOC analysts to detect, and that behavioral analytics was the most common piece of technology they felt was missing and planned to add to the SOC in the near future. The survey also found that a strong majority of respondents feel their SOC programs are improving, but that they need more training, high-level talent in the SOC, better compensation, and more time off.
How secure are the third parties you've entrusted with your data? SOC 2 is a framework that ensures these service providers securely manage data to protect their customers and clients. For security-conscious businesses - and security should be a priority for every business today - SOC 2 is now a minimum requirement when considering a SaaS provider.
In this Help Net Security video, Bryant Rump, Principal Security Architect at Neustar Security Services, talks about the challenges of mitigating immense DDoS attacks. He outlines real-world examples and discusses their implications for enterprise security preparedness and the threat landscape.
Like Microsoft's new security patch technology, SOC automation intends to both improve an enterprise's security posture and reduce the burden on security engineers and security analysts. The real work of the SOC continues to be handled by security engineers who maintain the tools and the security analysts who have the insights that can assess attacks and determine what the organization should do to address threats.
Having SOC 2 compliance means you have implemented organizational controls and practices that provide assurance for the safeguarding and security of client data. After beginning our SOC 2 journey, we realized that we did not have a great way to track the reasoning behind a required emergency change, and this was required for our SOC 2 audit.
Stand up your SOC with Crystal Eye XDR: Lift your security monitoring and incident response maturity
With nearly 50% of organisations with over 2,000 employees still yet to deal with security monitoring and implementation of incident response capabilities, we need to ask ourselves why. It's hard to deploy multiple disparate and complex systems to get true SOAR. It's hard to find the staff to resource both the engineering and the security operations. All of this brings a high cost and management burden, making it difficult for large organisations, let alone smaller ones, to reach this level of security maturity.
For security leaders, building a mature Security Operations Centre is about establishing robust processes that bring teams and technology together for success. Recent research indicates that 51 percent of SOC teams feel emotionally overwhelmed by the impossible volume of security alerts they must deal with, with the stress impacting their home lives.
Training programs have a two-fold benefit to organizations: not only do they help SOC staff learn new skills such as Security Orchestration, Automation and Response (SOAR) and machine learning, which makes them more productive, but training can also cut back on staff losses. With that in mind, how do you put together a good training program for your SOC? You need to start by knowing your goals, then developing a lesson plan that works with the ways your people want to learn, and executing that plan in a way that works with your organization, not against it.
SentinelOne Storyline Active Response (STAR) is a cloud-based automated hunting, detection, and response engine. Integrated with SentinelOne's ActiveEDR, STAR empowers security teams to create custom detection and response rules and deploy them in real time to the entire network or a desired subset, to proactively detect and respond to threats.