Tag: soc
-
Threat Hunting Guide Designed for SOC Analysts and MSSPs
Proactive threat hunting has become an essential discipline for Security Operations Center (SOC) analysts and Managed Security Service Providers (MSSPs). Traditional detection methods often miss novel or sophisticated adversarial techniques, making it critical for security teams to leverage advanced tools and methodologies. ANY.RUN’s Threat Intelligence Lookup (TI Lookup) empowers analysts with granular insights into Indicators…
-
Can AI agents catch what your SOC misses?
A new research project called NetMoniAI shows how AI agents might reshape network monitoring and security. Developed by a team at Texas Tech University, the framework brings … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/02/netmoniai-open-source-soc-ai-driven-network-defense/
-
SANS SOC Survey 2025 reveals gaps in data strategy and tool usage
The survey assesses SOCs by their capabilities, their architecture, their staffing, and by whether these are covered in-house or externally. For security leaders, the report thus offers valuable insights: How do others build their SOC? Where do we stand in comparison? And which levers do we hold in our own hands? First seen on infopoint-security.de Jump to article:…
-
One unexpected challenge organizations face while implementing SOC 2
One Unexpected SOC 2 Challenge: Overcoming Cultural Resistance to Security-First Thinking When companies start their SOC 2 journey, most expect the technical checklist: configure access controls, deploy logging, and gather evidence. But what we’ve consistently seen with our customers is that the toughest part isn’t the technology. It’s the culture. SOC 2 compliance is often…The…
-
Cybercrime never sleeps: how the SOC stops threats before you hear about them
Cybercrime never sleeps: how the Security Operations Center stops threats before you hear about them. Here we introduce the SOC. First seen on tarnkappe.info Jump to article: tarnkappe.info/advertorial/cybercrime-schlaeft-nie-wie-das-soc-bedrohungen-stoppt-bevor-sie-davon-erfahren-320159.html
-
In search of unknown dangers: Elastic AI SOC Engine is meant to uncover complex, hidden threats
First seen on security-insider.de Jump to article: www.security-insider.de/elastic-ai-soc-engine-soll-komplexe-versteckte-bedrohungen-aufdecken-a-a27479195e3cbde81c11278cb03a21fa/
-
CrowdStrike Buys Onum for $290M to Boost SIEM Data Ingestion
Buying Spanish Startup Brings Real-Time Data Pipeline Tech to Boost SOC Efficiency. CrowdStrike announced plans to acquire Spanish startup Onum Technology for $290 million. The move brings advanced data pipeline tools into its Falcon platform, speeding up threat detection and consolidating SOC workflows for customers leaving legacy SIEMs. First seen on govinfosecurity.com Jump to article:…
-
How Gainesville Regional Utilities is locking down vendor risk
Tags: access, breach, business, cio, ciso, compliance, conference, cyber, data, finance, group, HIPAA, infrastructure, malicious, penetration-testing, risk, risk-assessment, risk-management, service, soc, strategy, threat, vulnerability
Intake and triage: The requesting business unit submits an intake form detailing the vendor’s responsibilities, the IT service involved, the types of data needed, and any required system access. The IT security team then conducts an initial risk triage.
Detailed assessment: If the vendor poses a moderate or high risk, it must complete a security questionnaire…
-
2025 CSO Hall of Fame: George Finney on decryption risks, AI, and the CISO’s growing clout
Tags: ai, attack, automation, breach, business, ciso, computing, conference, cyber, cybersecurity, data, encryption, intelligence, jobs, LLM, microsoft, risk, soc, threat, tool, zero-trust
What do you see as the biggest cybersecurity challenges for the next generation of CISOs, and how should they prepare? George Finney: One major challenge is the threat of attackers saving encrypted data today with the intention of decrypting it later. With quantum computing, we know that in five to 10 years, older encryption…
-
Cybersecurity with AI: hybrid SOC models against cyber threats
Artificial intelligence (AI) holds great potential for cybersecurity in companies. In the Security Operations Center (SOC) in particular, AI can optimize processes, relieve analysts, and detect threats early. However, this only succeeds in synergy with human expertise and comprehensive cybersecurity experience. In cybersecurity, AI is proving to be a true Janus face. On the one hand, deepfakes and AI-supported phishing are increasing… First…
-
Managed Security Operations Center: Sovereign Cybersecurity with a Managed SOC
IT leaders today face a heightened cybersecurity situation: the number of attacks keeps rising, and the attacks are becoming ever more sophisticated and harder to detect. At the same time, many companies lack qualified specialists, specific expertise, and time. Under these conditions, effective and comprehensive protection of IT systems is difficult to achieve. A…
-
7 signs of an acute need for an MSSP
Tags: best-practice, ceo, ciso, compliance, cyber, cybersecurity, data, incident, incident response, intelligence, mssp, service, soc, software, threat, tool, update
Managed Security Service Providers can raise the security level sustainably.
A Managed Security Service Provider (MSSP) offers its customers a comprehensive range of security services. As a third-party provider, an MSSP can significantly reduce the workload of internal IT teams and free up time to focus on essential business processes and strategic considerations. In addition, an MSSP can, among other things, also…
-
5 ways to improve cybersecurity function while spending less
Tags: advisory, ai, authentication, ceo, ciso, control, cyber, cybersecurity, firewall, governance, incident response, mfa, microsoft, middle-east, risk, scam, service, siem, skills, soc, technology, threat, tool, training, windows
2. Focus on people and processes: “Teamwork and influential leadership are pivotal in Orange County. We work side-by-side as extensions across our departments. We can’t all do everything, and we don’t want to reinvent the wheel. We shoulder the burden together, revisit existing initiatives, and reduce that tech debt,” Cheramie explains. “That’s how you do…
-
BSidesSF 2025: One SOC, The Whole SOC, and Nothing But The SOC, So Help Me
Creator, Author and Presenter: Carson Zimmerman Our deep appreciation to Security BSides – San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon – certainly a venue like no other; and via the organization’s YouTube…
-
How Exposure Management Has Helped Tenable Reduce Risk and Align with the Business
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In the second of a two-part blog series, Tenable CSO Robert Huber shares how exposure management has helped him reduce risk and better align with the business. You can read the entire Exposure…
-
Munich Reinsurance unites global security teams to boost resilience, cut costs
Tags: access, best-practice, business, cloud, conference, cyber, cybersecurity, defense, detection, edr, group, incident response, intelligence, jobs, lessons-learned, metric, network, resilience, risk, siem, skills, soc, strategy, tactics, threat, tool
Consolidate functions into one incident response team, one threat intelligence team, and one threat-hunting team serving all Munich brands around the clock.
Improve team capabilities by blending the strongest skills of each team into more mature, well-rounded functions.
Reduce redundancies in responsibilities, tools, and processes to cut costs.
To reach these goals, Munich deployed various tactics, including: Combining best…
-
How AI is reshaping cybersecurity operations
Tags: access, ai, attack, business, ciso, cloud, control, cyber, cybersecurity, data, defense, detection, encryption, finance, gartner, governance, guide, hacker, infrastructure, intelligence, jobs, malware, microsoft, monitoring, phishing, regulation, resilience, risk, sans, service, skills, soc, strategy, supply-chain, technology, threat, tool, training, update
Because AI can perform tasks at speeds that supersede human capacity, it exponentially scales the amount of work that a cybersecurity function can do, says Rob T. Lee, chief of research for AI and emerging threats and head of faculty at SANS Institute. Moreover, AI excels at doing repetitive tasks near perfectly every time, so it…
-
AI To Handle 60% of SOC Work By 2028. It Had Better Be Robust.
If you’re trying to separate real AI-SOC capability from hype, you’ll love this: we’re making the 2025 AI SOC Market Landscape report available as a download. Produced by Software Analyst Cyber Research (SACR), it’s the most comprehensive snapshot of this emerging category. It features 13 vendors, architectural guidance, risk frameworks, implementation roadmaps, and a capabilities……
-
Empower Your SOC Team with Enhanced NHI Management
Could You Revolutionize Your Cybersecurity Strategy with NHI Management? Raising the bar in cybersecurity defense has become a critical concern for organizations operating. One area that has gained traction in this regard is Non-Human Identities (NHIs) and Secrets Management. This innovative approach enables companies to prioritize security without compromising the agility and flexibility that modern……
-
Google spins up agentic SOC to speed up incident management
Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629693/Google-spins-up-agentic-SOC-to-speed-up-incident-management
-
7 signs it’s time for a managed security service provider
Tags: access, best-practice, breach, business, ciso, compliance, cyber, cybersecurity, data, data-breach, defense, detection, edr, incident, incident response, intelligence, mitigation, monitoring, mssp, ransomware, risk, service, siem, soc, software, supply-chain, threat, tool, update, vulnerability, vulnerability-management
2. Your security team is wasting time addressing and evaluating alerts: When your SOC team is ignoring 300 daily alerts and manually triaging what should be automated, that’s your cue to consider an MSSP, says Toby Basalla, founder and principal data consultant at data consulting firm Synthelize. When confusion reigns, who in the SOC team knows…
-
Agentic AI promises a cybersecurity revolution, with asterisks
Tags: ai, api, authentication, ceo, ciso, cloud, control, cybersecurity, data, endpoint, infrastructure, jobs, LLM, open-source, openai, risk, service, soc, software, supply-chain, technology, tool, update, vulnerability
Trust, transparency, and moving slowly are crucial: Like all technologies, and perhaps more dramatically than most, agentic AI carries both risks and benefits. One obvious risk of AI agents is that, like most LLM models, they will hallucinate or make errors that could cause problems. “If you want to remove or give agency to a platform…
-
How security teams are putting AI to work right now
AI is moving from proof-of-concept into everyday security operations. In many SOCs, it is now used to cut down alert noise, guide analysts during investigations, and speed up … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/18/ai-in-security-operations/
-
Empowering SOC Teams with Advanced NHIDR Solutions
Can Non-Human Identity and Data Rights Solutions Revolutionize Your Cybersecurity Protocol? Non-Human Identities (NHIs) are proving to be fundamental. When data breaches escalate both in frequency and impact, a renewed focus has shifted towards robust security measures where NHIs and Secrets Security Management take center stage. NHI management has emerged as a crucial, yet underrepresented……
-
Empower Teams with Effective IAM Strategies
Why is Secure NHI Management Critical for Successful Team Empowerment? How often does secure Non-Human Identity (NHI) management come to mind? Considering the increasing reliance on cloud-based solutions across industries, including healthcare, finance, and travel, it’s clear that cybersecurity should play a significant part in empowering teams. For DevOps and SOC teams, especially, the task……
-
Elastic AI SOC Engine (EASE) fights alert fatigue and speeds up analysis
With agentless integrations and Elastic Attack Discovery, EASE helps correlate alerts automatically, set priorities, and thus detect hidden attacks faster. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/elastic-ai-soc-engine-ease-bekaempft-alarmmuedigkeit-und-beschleunigt-analysen/a41658/

