Tag: soc
-
5 key priorities for your RSAC 2026 agenda
Tags: ai, api, attack, automation, ciso, compliance, conference, cybersecurity, data, detection, framework, governance, identity, infrastructure, injection, LLM, risk, service, soc, threat, tool, training
Enable AI adoption fast enough to stay competitive. Secure the enterprise against a threat landscape that AI itself is creating. These are not sequential problems, unfortunately; they are parallel ones. I’d argue that RSAC 2026 is your best opportunity this year as a security leader to close the knowledge gap. AI prioritised Learning Framework: RSAC can be…
-
Horabot Returns in Mexico, Spreading via Phishing and Email Worm Attacks
Horabot has resurfaced in Mexico with a more complex, multi-stage kill chain that blends fake CAPTCHA lures, living-off-the-land scripting, and an email worm-style spreader to deliver a Latin American banking trojan. In this installment of the SOC Files series, our MDR team dissected a targeted Horabot campaign that we hunted a few months ago, after…
-
Agentic AI in the SOC: The Governance Layer you Need Before You Let Automation Execute
Guidance for SOC leaders on safely enabling agentic AI execution: require policy-driven guardrails, human-approval gates, blast-radius limits, auditability, and rollback to prevent automation from becoming operational risk. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/agentic-ai-in-the-soc-the-governance-layer-you-need-before-you-let-automation-execute/
-
Can advanced AI make SOC teams more relaxed
How Do Non-Human Identities Influence Cloud Security Management? Have you ever wondered how organizations can efficiently protect their cloud while dealing with the complexities of machine identities? Non-Human Identities (NHIs) address the modern challenge of safeguarding dynamic digital environments through a comprehensive approach. This concept is gaining traction in industries like financial services, healthcare, and…
-
Realm.Security Rolls Out AI-Ready Security Data for the Modern SOC Ahead of RSA Conference
Realm.Security launches Data Enrichments and Privacy Guard, injecting real-time threat context into security pipelines and automating PII redaction to keep SOC teams faster, leaner, and compliance-ready. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/realm-security-rolls-out-ai-ready-security-data-for-the-modern-soc-ahead-of-rsa-conference/
-
Realm.Security Rolls Out AI-Ready Security Data for the Modern SOC Ahead of RSA Conference
Realm.Security launches Data Enrichments and Privacy Guard, injecting real-time threat context into security pipelines and automating PII redaction to keep SOC teams faster, leaner, and compliance-ready. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/realm-security-rolls-out-ai-ready-security-data-for-the-modern-soc-ahead-of-rsa-conference-2/
-
Understanding SOC 2 Controls for SaaS Providers
For SaaS providers, trust is a core part of the offering. Customers rely on software platforms to process data, support business operations, and integrate with wider technology ecosystems. As a result, demonstrating effective security and governance controls using frameworks like SOC 2 has become an increasingly important requirement when selling to enterprise customers. SOC 2…
-
AI in the SOC: Why Explainability is the New Security Control
AI is transforming the SOC, but without explainability analysts can’t trust it. Why transparency is becoming a critical security control. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/ai-in-the-soc-why-explainability-is-the-new-security-control/
-
Interview with Andreas Gaetje, CISO at Körber – AI in the SOC: Efficiency rises, autonomy remains limited
First seen on security-insider.de Jump to article: www.security-insider.de/ki-agenten-im-soc-triage-schwachstellen-priorisieren-a-b55b412fb0c1c5a2bcc3aae96282bb54/
-
New infosec products of the week: March 13, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Binary Defense, Mend.io, OPSWAT, Singulr AI, SOC Prime, Terra Security, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/13/new-infosec-products-of-the-week-march-13-2026/
-
Building Trust in AI SOC Analyst Solutions: A UK and EU CISO Perspective
Tags: access, ai, best-practice, ciso, control, data, endpoint, framework, GDPR, governance, incident response, international, metric, nis-2, privacy, risk, soc
By Brett Candon, VP International at Dropzone AI. Trust has always been critical in security operations, but in the UK and Europe it carries significant regulatory weight. GDPR, NIS2 and similar related data-protection frameworks shape far more than legal risk, they directly influence architectural decisions, supplier selection, and how security data can be accessed, processed…
-
Top AI SOC Analyst Platforms in 2026
The world is adapting to the concept of agentic AI: agents that can operate in your network with human instruction and direction, and cut the time needed to do menial tasks. Within the SOC, a number of new tools and platforms are now vying for attention with a range of offerings for different sized users.…
-
How to Scale Phishing Detection in Your SOC: 3 Steps for CISOs
Phishing has quietly turned into one of the hardest enterprise threats to expose early. Instead of crude lures and obvious payloads, modern campaigns rely on trusted infrastructure, legitimate-looking authentication flows, and encrypted traffic that conceals malicious behavior from traditional detection layers. For CISOs, the priority is now clear: scale phishing detection in a way that…
-
Attackers Don’t Just Send Phishing Emails. They Weaponize Your SOC’s Workload
The most dangerous phishing campaigns aren’t just designed to fool employees. Many are designed to exhaust the analysts investigating them. When a phishing investigation takes 12 hours instead of five minutes, the outcome can shift from a contained incident to a breach. For years, the cybersecurity industry has focused on the front door of phishing defense:…
-
How EU Regulations Are Reshaping SOC Operations
NIS2, DORA, and the AI Act are rewriting the rulebook for Security Operations Centers. Here’s what you need to know and do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-eu-regulations-are-reshaping-soc-operations/
-
How EU Regulations Are Reshaping SOC Operations
NIS2, DORA, and the AI Act are rewriting the rulebook for Security Operations Centers. Here’s what you need to know and do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-eu-regulations-are-reshaping-soc-operations-2/
-
March Patch Tuesday: Three high severity holes in Microsoft Office
aadsshlogin package. Systems with the extension already installed have packages.microsoft.com configured automatically, so no additional setup is required. “The cloud ecosystem doesn’t really handle patching well,” Reguly said. “It’s a relatively immature process, and the way that Microsoft handles these products really demonstrates that. The CVE impacting Azure Linux Virtual Machines (CVE-2026-23665) or the multiple CVEs…
-
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
Tags: access, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, detection, exploit, firewall, incident, incident response, infrastructure, insurance, ISO-27001, metric, mfa, monitoring, network, office, phishing, ransomware, regulation, resilience, risk, risk-management, service, siem, soc, stuxnet, supply-chain, tool, vpn, vulnerability, zero-day
Why everyone knows it’s burning, but nobody pulls the fire alarm: When I talk to OT managers, production leads or plant engineers, I rarely hear, “We didn’t know we had a problem.” Far more often, it’s, “We know it’s critical, but we can’t just shut it down.” This gap between awareness and action is the…
-
I replaced manual pen tests with automation. Here’s what I learned.
Tags: access, attack, breach, control, cvss, detection, exploit, infrastructure, intelligence, password, penetration-testing, ransomware, RedTeam, resilience, risk, service, siem, soc, tactics, tool, training, update, vulnerability, zero-day
The remediation black hole: Perhaps most frustrating was what happened after we received findings. Our teams would work diligently to implement fixes, but we rarely had the budget or opportunity to bring testers back to validate remediation. We were left with uncertainty. This gap between identification and verification created a dangerous blind spot in our…
-
My Really Fun RSA 2026 Presentations!
Tags: ai, apt, automation, cyber, cybersecurity, data, detection, google, governance, guide, lessons-learned, malware, soc, strategy, threat
This blog is perhaps a little bit more like an ad, so if you don’t want to check the ads, consider not reading it. But this year at RSA 2026, I’m speaking on three topics: securing AI, using AI for SOC, and sharing lessons about how Google applies AI and other technologies…
-
Stop Chasing Threats, Start Containing Them
Why SOCs Must Move Beyond Alerts and Adopt Identity-Aware Defense Models Today Security operations centers are overwhelmed by alerts, fragmented identity data and tool sprawl. As identity-based attacks rise, CISOs are shifting toward identity-aware detection, automation and outcome-driven security operations to reduce risk and improve resilience across hybrid environments. First seen on govinfosecurity.com Jump to…
-
4 ways to prepare your SOC for agentic AI
Tags: access, ai, attack, automation, best-practice, cloud, compliance, control, cybersecurity, data, defense, detection, edr, framework, governance, guide, identity, injection, intelligence, least-privilege, metric, mitre, radius, RedTeam, risk, siem, skills, soar, soc, threat, tool
Build capabilities for AI governance, content and quality: Upskilling existing analysts alone is not enough. As AI agents begin operating across tools, making decisions and triggering actions with minimal human involvement, the demands on the SOC will extend well beyond traditional analyst capabilities, experts say. Content engineering, for instance, is one emerging requirement. In an AI-enabled…
-
Challenges and projects for the CISO in 2026
Tags: access, ai, authentication, automation, awareness, cisco, ciso, cloud, communications, control, credentials, cybersecurity, data, defense, detection, edr, email, encryption, endpoint, finance, framework, group, identity, intelligence, leak, mobile, network, service, soc, sophos, strategy, technology, training
Hazel Díez (Banco Santander), Roberto Lara (Vodafone), Marijus Briedis (NordVPN), Álvaro Fernández (Sophos), and Ángel Ortiz (Cisco). Banco Santander, Vodafone, NordVPN, Sophos and Cisco. Montage: Foundry.
Against this backdrop, Cisco defines AI as “the fundamental technology that will set the cybersecurity agenda in 2026,” in the words of Ortiz, who refers to the company’s Integrated…
-
The SOC Analyst Role Is Going Up (And It Was Never Going Away)
Tags: soc
The average SOC receives 4,400+ alerts per day and can’t investigate 67% of them. Autonomous triage platforms like Morpheus are changing the analyst’s role from ticket processor to strategic operator, here’s what that looks like in practice. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-soc-analyst-role-is-going-up-and-it-was-never-going-away/
-
Your SOC Doesn’t Need More Tools. It Needs Fewer.
The average SOC manages 83 security tools from nearly 30 vendors. Why the smartest CISOs are consolidating their security operations, and how D3 Morpheus makes it possible without compromising coverage. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/your-soc-doesnt-need-more-tools-it-needs-fewer/
-
3 Data-Based Shifts Defining AI-Native Cybersecurity Stacks
The SOC is changing faster than you realize. Discover the 3 data-based shifts defining the AI-native cybersecurity era: from upstream detection to AI-powered triage and enrichment. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/3-data-based-shifts-defining-ai-native-cybersecurity-stacks/
-
6 Minutes and a Prayer: The Math Your SOC Doesn’t Want You to See
Your SOC can’t triage every alert, the math proves it. See why 75% of alerts go uninvestigated and how AI-autonomous triage closes the gap. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/6-minutes-and-a-prayer-the-math-your-soc-doesnt-want-you-to-see/

