NEWS & INDUSTRY UPDATES

Researchers find and document a way to leverage Apple’s Find My's Offline Finding network to upload arbitrary data to the Internet.
Enterprise security vendor Rapid7 says unauthorized third-party accessed source code, customer data during Codecov supply chain breach
Query.AI officially launched on Thursday with a security investigations platform and $4.6 million in seed funding.
After being forced to shut down on May 7th, the Colonial Pipeline initiated a restart of pipeline operations May 12th at approximately 5 PM ET.
Panaseer banks $26.5 million in Series B funding to build out a Continuous Controls Monitoring (CCM) platform to help organizations identify assets and manage security controls.
The Alaska court system said Tuesday it had restored email capabilities nearly two weeks after a cybersecurity attack.
Adobe warns that a "priority 1" security flaw has been exploited in the wild in “limited attacks targeting Adobe Reader users on Windows.”
The data breach affects employees, retirees and beneficiaries, students, and other individuals who participated in UC programs.
Documents submitted in a court case involving Apple revealed that the XcodeGhost malware discovered in 2015 impacted 128 million iOS users.
In collaboration with the Sigstore project, Google ships an open-source tool called cosign to make signing and verifying container images easy.

FEATURES, INSIGHTS // Incident Response

Marc Solomon: For efficiency and effectiveness, automation must take a data-driven approach and encompass how we initiate and learn from the response, not just how we execute the process.
Landon Winkelvoss: In response to a specific attack, it’s important to do external threat monitoring and threat actor engagement to determine if the actors are attempting to exploit or monetize the security event.
Marc Solomon: As Security Operations Centers (SOCs) mature and transition to become detection and response organizations, they need to tackle some tough challenges with respect to data, systems and people.
Gunter Ollmann: Once live stomping around vendor-packed expo halls at security conferences returns, it is highly probable that “Virtual Analyst” will play a starring role in buzzword bingo.
Marc Solomon: To gain a comprehensive understanding of the threats you are facing and what you must defend, you need to start by aggregating internal data from across the entire ecosystem
Marc Solomon: The center of gravity of the Security Operations Center (SOC) used to be the SIEM, but this is shifting as the mission of the SOC shifts to become a detection and response organization.
Marc Solomon: The pandemic has resulted in security team members and teams working better together, as well as more closely with other departments and with industry sharing groups.
AJ Nash: For companies trying to build new or mature existing intelligence programs, the Age of COVID has been an excellent time to capture 30-60 minutes with that hard-to-find manager
Marc Solomon: To push security operations forward, we must move towards a single, collaborative environment that can include threat hunters, incident handlers and threat intelligence and SOC analysts.
AJ Nash: As you build your cyber intelligence program – and have all the vendors lined up to take your money – don’t overlook the importance of investing in the right people.