Security News

With nearly 50% of organisations with over 2,000 employees still yet to deal with security monitoring and implementation of incident response capabilities, we need to ask ourselves why? It's hard to deploy disparate and multiple complex systems to get true SOAR. It's hard to find the staff to resource both the engineering and the security operations, all bringing with it a high cost and management burden making it difficult for large organisations, let alone smaller organisations, to reach this level of security maturity.

For security leaders, building a mature Security Operations Centre is about establishing robust processes that bring teams and technology together for success. Recent research indicates that 51 percent of SOC teams feel emotionally overwhelmed by the impossible volume of security alerts they must deal with, with the stress impacting their home lives.

Training programs have a two-fold benefit to organizations: not only do they help SOC staff learn new skills such as Security Orchestration, Automation and Response and machine learning, which makes them more productive, but training can also cut back on staff losses. With that in mind, how do you put together a good training program for your SOC? You need to start by knowing your goals, then developing a lesson plan that works with the ways your people want to learn, and execute that plan in a way that works with your organization, not against it.

SentinelOne Storyline Active Response is a cloud-based automated hunting, detection, and response engine. Integrated with SentinelOne's ActiveEDR, STAR empowers security teams to create custom detection and response rules and deploy them in real time to the entire network or desired subset, to proactively detect and respond to threats.

BehavioSec announced that it has extended its patented technology and BehavioSense platform into a SOC/ISO compliant, hosted-version and a cloud-native, SaaS version. These new versions will help more organizations meet compliance and cloud mandates, support frictionless multi-factor authentication, and gain access to the advanced behavioral biometrics technology - which until now - has only been employed within the world's largest banks, e-Identity providers, and online retailers.

Google Cloud this week announced new security offerings for its customers, including Autonomic Security Operations to improve security operations centers and Cloud Intrusion Detection System for network-based threat detection. Autonomic Security Operations, the Internet giant says, represents a "Stack of products, integrations, blueprints, technical content, and an accelerator program" meant to help customers leverage Chronicle and Google technology and expertise to advance their SOC. A collection of philosophies, practices, and tools, Autonomic Security Operations should help organizations improve their resilience against cyberattacks, with an automated approach to threat management.

SOC burnout is real: 3 preventative steps every CISO must takeFor those that spend every day as a security professional and for anyone who truly appreciates the demands applied to these essential security team members, burnout is a harsh reality. Cloud security skills in high demandCloud security is critically important for organizations across the globe as adoption of cloud infrastructure continues to grow at a rapid clip.

The CISO makes it clear that the SOC/IR team is empowered to focus on identifying and dismantling adversaries, full stop. The CISO ensures the SOC/IR team has access to experts when it counts.

To select a suitable virtual SOC solution for your business, you need to think about a variety of factors. Flexible extension of your security team: Beyond 24/7 monitoring, a virtual SOC must also include threat hunting and research, data engineering and science, and solution architects that work as a seamless extension to your team.

Deepwatch launched deepwatch MOBILE - a mobile application that gives customers real-time insight into their Security Operations Center and timely threat intelligence delivered to their mobile phone. Deepwatch MOBILE enables customers to interact with their deepwatch Squad, who provide 24/7/365 monitoring services that detect threats and provide guided or automated response.