Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

CISA warns that the BlackMatter ransomware has targeted multiple critical infrastructure entities in the United States, including organizations in the food industry. [Read More]
Microsoft, Intel and Goldman Sachs will lead a new supply chain security work group at the Trusted Computing Group (TCG). [Read More]
In a Form 10-K filing with the SEC, the company confirmed that the attackers made some of the stolen data public. [Read More]
Twitch has shared another update about the recent hack, and it claims to have determined that only a small fraction of users are affected and customer impact is minimal. [Read More]
Over two dozen nations resolved Thursday to battle collectively against the global and escalating threat posed by cyber-extortionists, following a Washington-led anti-ransomware summit. [Read More]
The Linux Foundation has secured a $10 million investment to expand the operations of the Open Source Security Foundation (OpenSSF). [Read More]
Tech giants Intel and VMware joined the security patch parade this week, rolling out fixes for flaws that expose users to malicious hacker attacks. [Read More]
CrowdStrike made two major announcements at its own Fal.Con conference this week, launching a free Community Edition of Humio, and announcing CrowdStrike XDR. [Read More]
The Microsoft Patch Tuesday train for October rolled in with fixes for at least 71 Windows security defects and an urgent warning about a newly discovered zero-day cyberespionage campaign. [Read More]
Full video of panel discussion from SecurityWeek's 2021 CISO Forum on navigating software bill of materials (SBOM) and supply chain security transparency. [Read More]

FEATURES, INSIGHTS // Incident Response

rss icon

Landon Winkelvoss's picture
In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Marc Solomon's picture
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Landon Winkelvoss's picture
Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
Marc Solomon's picture
Security is a big data problem. Solving it is all about prioritized data flow, continuously processing data for analysis and translating and exporting it to create a single security infrastructure.
Tim Bandos's picture
The more you identify within your threat hunting program, the more opportunity you may have at expanding with additional budget. Never let an incident go to waste.
Rob Fry's picture
We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.
Marc Solomon's picture
For efficiency and effectiveness, automation must take a data-driven approach and encompass how we initiate and learn from the response, not just how we execute the process.
Landon Winkelvoss's picture
In response to a specific attack, it’s important to do external threat monitoring and threat actor engagement to determine if the actors are attempting to exploit or monetize the security event.
Marc Solomon's picture
As Security Operations Centers (SOCs) mature and transition to become detection and response organizations, they need to tackle some tough challenges with respect to data, systems and people.
Gunter Ollmann's picture
Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.