Tag: soc
-
Hack the Box acquires LetsDefend for blue team upskilling
Hack The Box (HTB), a provider of gamified cybersecurity skills development, has announced the acquisition of LetsDefend, a pioneering blue team training platform known for its hands-on SOC simulations and growing community. The company said the combination of the two companies "will offer hands-on labs, real-world simulations and cross-role skill development to empower enterprises,…
-
FIRESIDE CHAT: The case for AI-Native SOCs built to take action, not just observe and alert
The raw attack surface isn’t just growing. It’s fragmenting. Logs from SaaS apps, cloud workloads, and third-party services flood security stacks already straining to keep up. Security teams are buried in alerts they can’t triage fast enough. Meanwhile, adversaries probe… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/fireside-chat-the-case-for-ai-native-socs-built-to-take-action-not-just-observe-and-alert/
-
George Kurtz’s 5 Boldest AI Statements At CrowdStrike Fal.Con 2025
CrowdStrike is making its next moves in AI including with a focus on enabling a Security Operations Center (SOC) that is fundamentally powered by agentic technologies, the “agentic SOC,” CrowdStrike co-founder and CEO George Kurtz said Tuesday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/george-kurtz-s-5-boldest-ai-statements-at-crowdstrike-fal-con-2025
-
CrowdStrike bets big on agentic AI with new offerings after $290M Onum buy
Tags: ai, api, ciso, control, crowdstrike, cybersecurity, data, data-breach, detection, marketplace, password, risk, service, soc, training
CrowdStrike’s Agentic Security Platform: CrowdStrike developed its Agentic Security Platform precisely to help organizations keep pace with increasingly AI-equipped adversaries. “The increasing speed of the adversary, the increasing use of generative AI means from a defensive standpoint, we want to leverage these technologies as well to match and hopefully exceed the speed and efficiency of…
-
CISOs grapple with the realities of applying AI to security functions
Tags: ai, automation, breach, business, ceo, ciso, compliance, cybersecurity, data, detection, email, endpoint, finance, governance, incident response, intelligence, law, malicious, malware, microsoft, risk, service, soc, threat, tool
The agentic edge: The financial services sector is often an early adopter of cutting-edge security technologies. Erin Rogers, SVP and director of cybersecurity risk and compliance at BOK Financial, tells CSO that AI-based upgrades are helping threat detection and response systems to autonomously analyze threats, make real-time decisions, and adapt responses, significantly improving early detection and mitigation. While…
-
The Gravity of Process: Why New Tech Never Fixes Broken Process and Can AI Change It?
Tags: advisory, ai, api, best-practice, business, cybersecurity, data, flaw, grc, incident response, risk, siem, soar, soc, technology, threat, tool, training
Let’s tackle the age-old question: can new technology fix broken or missing processes? And then let’s add: does AI and AI agents change the answer you would give? This is the question which I recently debated with some friends, with a few AIs and with myself. The context was of…
-
Your SOC is the parachute. Will it open?
Tags: ai, automation, breach, cyber, cybersecurity, data, detection, exploit, finance, resilience, risk, soc, threat, tool, update
Complexity is the enemy of resilience: I recently had a fascinating conversation with a friend in Cambridge. We were debating what’s wrong with cybersecurity, and he said something that stuck with me: “The answer is simple if it’s done very well.” It echoes a point I explored in a collaborative essay with Abbas Kudrati: Cyber Security…
-
12 digital forensics certifications to accelerate your cyber career
Tags: access, apt, attack, browser, chrome, cloud, computer, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, email, endpoint, exploit, google, government, group, hacker, hacking, Hardware, incident response, international, jobs, law, malicious, malware, microsoft, mobile, network, phone, service, skills, soc, technology, threat, tool, training, windows
Cellebrite Certified Mobile Examiner (CCME)
Certified Computer Examiner (CCE)
CyberSecurity Forensic Analyst (CSFA)
EC-Council Computer Hacking Forensic Investigator (CHFI)
EnCase Certified Examiner (EnCE)
Exterro AccessData Certified Examiner (ACE)
GIAC Advanced Smartphone Forensics Certification (GASF)
GIAC Certified Forensics Analyst (GCFA)
GIAC Certified Forensic Examiner (GCFE)
GIAC Cloud Forensic Responder (GCFR)
GIAC Network Forensic Analysis (GNFA)
Magnet Certified Forensics Examiner (MCFE)
Cellebrite Certified Mobile Examiner (CCME): Out of…
-
Five AI Use Cases for CISOs
Tags: access, ai, business, ceo, cio, ciso, cybercrime, cybersecurity, data, framework, google, incident response, mail, microsoft, phishing, rat, risk, risk-management, service, siem, soc, tool, vpn, vulnerability, vulnerability-management
-
Realm.Security Joins Google Cloud Partner Advantage Program to Deliver Cost-Effective Security Data Management at Scale
Realm.Security joins the Google Cloud Partner Advantage program to deliver AI-powered security data pipelines that cut SIEM costs, streamline log management, and improve SOC efficiency for Google Cloud customers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/realm-security-joins-google-cloud-partner-advantage-program-to-deliver-cost-effective-security-data-management-at-scale/
-
Managed SOC for More Security
Tags: awareness, cloud, compliance, cyberattack, encryption, germany, infrastructure, nis-2, password, risk, security-incident, service, soc, software, supply-chain
As a central unit, the specialists in a SOC monitor a company’s entire IT infrastructure. Around the clock, they analyze all security-relevant events in real time. The requirements for IT security have changed drastically over the past decades. Whereas a simple password used to suffice as a protective measure, multi-layered security concepts are required today. Only in this way can companies effectively protect themselves against cyberattacks…
-
The Future of Defensible Security: From Reactive Playbooks to Attack-Pattern-Aware Autonomous Response
Why static automation isn’t enough, and what real-world adversary data tells us about how the next-gen SOC must evolve. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/the-future-of-defensible-security-from-reactive-playbooks-to-attack-pattern-aware-autonomous-response/
-
Splunk.conf: Cisco and Splunk expand agentic SOC vision
The arrival of agentic AI in the security operations centre heralds an era of simplification for security pros, Splunk claimed. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366630521/Splunkconf-Cisco-and-Splunk-expand-agentic-SOC-vision
-
Rethinking Security Data Management with AI-Native Pipelines
In this blog, you’ll learn why legacy pipelines fail modern SOC needs, how AI-native pipelines cut manual work, and how security teams gain cost savings, resilience, and faster threat response with adaptive, context-aware data management. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/rethinking-security-data-management-with-ai-native-pipelines/
-
What the Salesloft Drift breaches reveal about 4th-party risk
Tags: access, ai, api, attack, breach, control, data, data-breach, email, exploit, google, hacker, incident response, intelligence, monitoring, risk, risk-assessment, saas, soc, software, startup, supply-chain, technology, threat, tool, zero-trust
February 2024: SalesLoft acquires Drift, an AI-powered chatbot company
The hidden legacy: Drift’s existing OAuth tokens to thousands of Salesforce and Google Workspace instances probably remained active
Time passes: Tokens and app permissions remain valid unless explicitly rotated or revoked.
August 2025: Attackers abuse OAuth tokens associated with the Drift application to enumerate and exfiltrate Salesforce data; a…
-
SOC Agents: The New AI Gamble
In the Rush for AI-Run SOCs, Security Experts Warn of Trust and Governance Issues. AI SOC agents are touted as the future of security operations, promising nonstop triage and faster response. But cybersecurity experts warn most autonomous AI solutions are still immature, prone to false answers and lack the guardrails needed to keep them from…
-
5 ways CISOs are experimenting with AI
Tags: ai, attack, awareness, breach, business, ceo, cio, ciso, control, cyber, cybersecurity, data, data-breach, detection, email, finance, framework, incident response, intelligence, login, metric, microsoft, monitoring, phishing, qr, risk, risk-assessment, risk-management, service, siem, soc, technology, threat, tool, update, vpn, vulnerability, vulnerability-management
Translating security metrics into business language: CISOs are now tasked with being the security storyteller, and it doesn’t always come easily. Turning to AI, CISOs are finding a helping hand to translate technical detail into business-oriented narratives, drawing on a range of data sources, risk trends, control gaps and threat modeling. AI tools are helping tailor…
-
Embracing the Next Generation of Cybersecurity Talent
Programs like student-run SOCs can expand our cybersecurity workforce and better secure our public and private entities for when, not if, cyberattacks occur. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/embracing-next-generation-cybersecurity-talent
-
Sevii Agentic AI Warriors Augment SOCs with Machine-Speed Remediation
Sevii launched an autonomous defense remediation (ADR) platform, using agentic AI Warriors to cut response times and transform SOC operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/sevii-agentic-ai-warriors-march-out-of-stealth-to-augment-socs-with-machine-speed-remediation/
-
Empower Your Team with Better Secrets Management
How Essential is Effective Secrets Management in Today’s Cybersecurity Landscape? The management of Non-Human Identities (NHIs) and their secrets has become an increasingly important consideration. It comes as no surprise that many organizations, including those in the financial services, healthcare, travel, DevOps, and SOC teams, are recognizing the profound impact of effective secrets management on…
-
Cyber Defense Around the Clock – Five Questions Help IT Leaders Move to a Managed SOC
Tags: soc
First seen on security-insider.de Jump to article: www.security-insider.de/managed-soc-fuenf-fragen-it-leiter-a-78901476e24325e3d3673cae22a79e49/
-
OneDrive Phishing Attack Targets Corporate Executives for Credential Theft
A newly discovered spearphishing campaign is targeting executives and senior leadership across multiple industries by exploiting trusted OneDrive document-sharing notifications. The Stripe OLT SOC has identified this sophisticated attack, which leverages highly tailored emails to impersonate internal HR communications and harvest corporate credentials through a convincing Microsoft Office/OneDrive login page. At the heart of the…

