
NEWS & INDUSTRY UPDATES

The Broward Health hospital system suffered a data breach in October where a hacker accessed personal and medical information of patients and staff.
ACLU is demanding more answers about a data breach at the state’s public bus service, including why the personal information of state employees who don’t even work for the agency was compromised.
The Apache HTTP Server 2.4.52 is listed as urgent and CISA is calling on users to “update as soon as possible.”
The public school district in Mississippi’s capital city is implementing new cybersecurity measures after hackers attacked its server last year.
Albania’s prime minister on Thursday apologized for a big leak of personal records from a government database of state and private employees, which he said seems more like an inside job than a cyber attack.
A long-term phishing experiment at a 56,000-employee company ends with a caution around the use of simulated phishing lures in corporate security awareness training exercises.
Researchers warn that the vulnerability has existed since September 2017 and has likely been exploited in the wild.
French video game company Ubisoft this week confirmed that 'Just Dance' user data was compromised in a recent cybersecurity incident.
The Chinese government is punishing Alibaba because the company’s cloud security team did not inform the government first about the Log4Shell vulnerability.
As the scale and impact of the Log4j security crisis become clearer, defenders brace for a long, bumpy ride filled with software-dependency headaches.

FEATURES, INSIGHTS // Incident Response

Marc Solomon: An open integration architecture provides the greatest access to data from technologies, threat feeds and other third-party sources, and the ability to drive action back to those technologies once a decision is made.
Marc Solomon: You risk limiting the value you can derive from your next security investment without first thinking about your top use cases and the capabilities needed to address them.
Landon Winkelvoss: Conducting scaled and cost-effective attack surface and digital threat monitoring gives organizations of all sizes the best chance of identifying and defeating their adversaries.
Landon Winkelvoss: In addition to evaluating the core capabilities and range of intelligence monitoring, organizations must consider data source integrity, and perhaps most importantly, the level of expert analysis included with each service.
Marc Solomon: Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Landon Winkelvoss: Security and intelligence teams often lack finished intelligence, which leaves them ill-equipped to combat motivated and sophisticated adversaries.
Marc Solomon: Security is a big data problem. Solving it is all about prioritized data flow, continuously processing data for analysis and translating and exporting it to create a single security infrastructure.
Tim Bandos: The more you identify within your threat hunting program, the more opportunity you may have at expanding with additional budget. Never let an incident go to waste.
Rob Fry: We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea.
Marc Solomon: For efficiency and effectiveness, automation must take a data-driven approach and encompass how we initiate and learn from the response, not just how we execute the process.