Security News

Kali Linux 2021.2 released: Kaboxer, Kali-Tweaks, new tools, and more!Offensive Security has released Kali Linux 2021.2, the latest version of its popular open source penetration testing platform. June 2021 Patch Tuesday forecast: Patch management is back in the spotlightEvery day you look in the security news, there are reports of new ransomware attacks.

According to the study, which polled 2,303 IT security and SOC decision makers across companies of all sizes and verticals, 70% of respondents say their home lives are being emotionally impacted by their work managing IT threat alerts. These finding are corroborated by a recent Forrester study, which found that "Security teams are heavily understaffed when it comes to incident response, even as they face more attacks. Security operations centers need a more-effective method of detection and response; thus, XDR takes a dramatically different approach to other tools on the market today."

PLDA announced the launch of their XpressRICH PCI Express Controller IP for the PCIe 6.0 specification. To compensate for the higher BER, XpressRICH for PCIe 6.0 architecture implements FEC combined with CRC. XpressRICH for PCIe 6.0 architecture also supports the new L0p low power mode, enabling traffic to be transmitted on a reduced set of lanes, reducing power consumption without impacting traffic flow.

Shujinko announced the availability of free automation software to help auditors and their clients streamline SOC 2 audit preparation and readiness. This free solution includes the full capabilities of AuditX for SOC 2, automating evidence collection, mapping and crosswalking, while dramatically streamlining audit workflow and collaboration for compliance certification.

According to a new study, Digital Transformation Needs a More Perfect Union, released Wednesday by secure access service edge provider Netskope, networking and security teams do not work well together, if at all. "The evident divide between networking and security teams has been an issue for some time, but has been even more amplified with the rapid acceleration to remote work," Mike Anderson, chief information and digital officer at Netskope, said in a statement.

As Security Operations Centers mature, they need to tackle some tough challenges with respect to data, systems and people. As Security Operations Centers mature and transition to become detection and response organizations, they need to tackle some tough challenges with respect to data, systems and people.

Organizations have piled security controls upon security controls, and still remain largely blind to the most serious threats they face. Firewalls, vulnerability management and endpoint tools may offer a base layer of protection, but they are inherently weak without an added layer that includes analysis of daily exposures caused by configuration errors, exploitable vulnerabilities, mismanaged credentials and other common points of risk.

If you want to modernize your SOC to focus on detection and response you need to start by capturing the right data. The next challenge is improving data utilization by collaborating with the teams and organizations that make up your entire enterprise, to mitigate risk across your environment.

Many organizations today deal with data that is noisy and unstructured, decentralized without prioritization, and managed with spreadsheets. To gain a comprehensive understanding of the threats you are facing and what you must defend, you need to start by aggregating internal data from across the entire ecosystem - the telemetry, content and data created by each layer in your security architecture, on-premises and in the cloud.

CrowdStrike announced enhancements to the CrowdStrike Falcon platform that significantly improve Security Operations Center efficiency and effectiveness, allowing security teams to focus on critical priorities and fortify their organizations' proactive stance against cyber threats. CrowdStrike customers can accelerate their security operational response with new notification workflows and Real Time Response capabilities within the CrowdStrike Falcon platform, automating full-cycle incident response.