Tag: soc
-
Beyond “Is Your SOC AI Ready?” Plan the Journey!
You read the “AI-ready SOC pillars” blog, but you still see a lot of this: Bungled AI SOC transition How do we do better? Let’s go through all 5 pillars aka readiness dimensions and see what we can actually do to make your SOC AI-ready. #1 SOC Data Foundations As I said before, this one is my…
-
Detect and Respond Faster with Elastic & Tines
Security operations center (SOC) teams are under nonstop pressure. Threats are rising, attack techniques are evolving, and analysts are drowning in alerts. Meanwhile, SOC leaders are asked to do more with fewer resources and tighter budgets. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/blogs/detect-respond-faster-elastic-tines-p-4022
-
AI SOC Anxiety: Does More Control Equal More Complexity?
SOC teams want AI they can control without recreating SOAR sprawl. This post explores why control and complexity feel linked, and how autonomy with guardrails breaks the tradeoff. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/ai-soc-anxiety-does-more-control-equal-more-complexity/
-
Startup Trends Shaking Up Browsers, SOC Automation, AppSec
In 2025, these startups have reimagined browser security, pioneered application security for AI-generated code, and are building consensus on agentic vs. human costs. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/startup-trends-shaking-up-browsers-soc-automation-appsec
-
Cyber defense in a cost-benefit comparison: do it yourself or outtask? The added value of a managed SOC
Tags: soc. First seen on security-insider.de Jump to article: www.security-insider.de/selbermachen-oder-outtasken-der-mehrwert-eines-managed-soc-a-0d534d56bac742a2afa7e93537d40ed3/
-
AI in the SOC needs governance and clear responsibilities: without governance, agent-based AI in the SOC becomes a security risk
First seen on security-insider.de Jump to article: www.security-insider.de/ki-agenten-soc-governance-a-a3f3d2a5ddad1c320cc2f3d6ad43fc2c/
-
How AI is reshaping cybersecurity
Tags: ai, ciso, cloud, cyber, cyberattack, cybersecurity, cyersecurity, data, encryption, gartner, governance, group, guide, hacker, incident response, infrastructure, microsoft, phishing, resilience, risk, sans, soc, supply-chain, threat, tool, vulnerability-management. Artificial intelligence, and generative AI in particular, is penetrating ever deeper into security processes. Generative AI (GenAI) has become a ubiquitous tool in companies. According to a survey by the Boston Consulting Group, 50 percent of companies use the technology to redesign workflows. 77 percent of respondents are convinced that AI agents in the next three to…
-
How are SOC teams empowered by advanced Machine Identity Management
How Can Machine Identity Management Optimize Security Operations? In cybersecurity, how can organizations effectively minimize risks associated with unmanaged Non-Human Identities (NHIs)? Where businesses continue to depend heavily on cloud infrastructures and automated processes, understanding the strategic significance of NHIs becomes paramount, particularly for Security Operations Centers (SOC) teams tasked with safeguarding digital. With NHIs……
-
Identity Security 2026: Four Predictions & Recommendations
Agentic AI adoption and identity security risks, IGA expands in mid-market, SOC-identity team collaboration, and identity platform consolidation: this 2026 predictions post previews identity trends. First seen on darkreading.com Jump to article: www.darkreading.com/identity-access-management-security/identity-security-2026-predictions-and-recommendations
-
Entering the era of the agentic SOC: from analyst to commander
With three innovations, CrowdStrike aims to redefine security operations: Falcon Agentic SOAR, the expanded Agentic Security Workforce, and Falcon for XIoT. At the center is a strategic idea: security through intelligent, autonomous agents that act with human judgment and stop cyberattacks in real time. First seen on ap-verlag.de Jump to article: ap-verlag.de/start-in-die-aera-des-agentic-soc-vom-analysten-zum-kommandanten/101255/
-
Real-World Cyber Attack Detection: How Modern SOCs Identify, Block, and Contain Advanced Threats
Executive Summary Modern cyberattacks rarely appear as a single, obvious incident. Instead, they manifest as multiple low-level signals across web, endpoint, DNS, cloud, and network telemetry. When analyzed in isolation, these signals may seem benign. When correlated intelligently, they reveal active attack campaigns targeting applications, identities, cloud storage, and network boundaries. This article presents a…
-
Implementing NIS2, without getting bogged down in red tape
Tags: access, ai, automation, backup, bsi, business, cloud, compliance, control, data, detection, email, encryption, iam, identity, incident response, infrastructure, law, least-privilege, metric, monitoring, network, nis-2, regulation, saas, sbom, service, siem, soc, software, startup, supply-chain, technology, threat, tool, update, vulnerability, vulnerability-management, zero-day. IT in transition: From text documents to declarative technology: NIS2 essentially requires three things: concrete security measures; processes and guidelines for managing these measures; and robust evidence that they work in practice. Process documentation, that is, policies, responsibilities, and procedures, is not fundamentally new for most larger companies. ISO 27001-based information security management systems, HR processes, and…
-
The rise of the Chief Trust Officer: where does the CISO fit in?
Tags: ai, ceo, cio, ciso, compliance, cyersecurity, finance, governance, grc, office, risk, risk-management, soc, software, vulnerability. The Chief Trust Officer stands for a shift from defending systems to securing credibility. More and more companies are highlighting trust as a differentiator for their business. As a result of data breaches, concerns about product safety, and uncertainties regarding artificial intelligence, customer trust has suffered badly in recent years. As shown by the Edelman…
-
2025 Year in Review at Cloud Security Podcast by Google
Tags: 2fa, ai, automation, breach, cloud, compliance, computing, control, cybersecurity, data, defense, detection, edr, finance, google, hacking, incident response, infrastructure, linux, mandiant, metric, mitigation, offense, phone, privacy, risk, security-incident, siem, soc, technology, threat, vulnerability, vulnerability-management, zero-trust. (written jointly with Tim Peacock) Five years. It’s enough time to fully launch a cloud migration, deploy a new SIEM, or, if you’re a very large enterprise, just start thinking about doing the first two. It’s also how long Tim and I have been subjecting the world to our thoughts on Cloud Security Podcast by Google. We…
-
AI security is fundamentally a cloud infrastructure problem, Palo Alto Networks says
Companies should prioritize identity security and integrate cloud monitoring into the SOC, according to the security firm. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-security-cloud-infrastructure-palo-alto-networks/808510/
-
Arctic Wolf CEO On How AI Will ‘Revolutionize’ The SOC, MSP Opportunities In 2026
In an interview with CRN, Arctic Wolf CEO Nick Schneider said that the cybersecurity skills shortage will to a large degree be solvable as AI and agentic capabilities become more available in the Security Operations Center (SOC). First seen on crn.com Jump to article: www.crn.com/news/security/2025/arctic-wolf-ceo-on-how-ai-will-revolutionize-the-soc-msp-opportunities-in-2026
-
The Hidden Cost of “AI on Every Alert” (And How to Fix It)
Learn why running AI agents on every SOC alert can spike cloud costs. See how bounded workflows make agentic triage reliable and predictable. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/the-hidden-cost-of-ai-on-every-alert-and-how-to-fix-it/
-
Why You Should Train Your SOC Like a Triathlete
The key elements in a security operations center’s strategy map very closely to the swim/bike/run events in a triathlon. SOCs, like triathletes, perform well when their inputs are strong. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/why-you-should-train-your-soc-like-triathlete
-
Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time
Modern security teams often feel like they’re driving through fog with failing headlights. Threats accelerate, alerts multiply, and SOCs struggle to understand which dangers matter right now for their business. Breaking out of reactive defense is no longer optional. It’s the difference between preventing incidents and cleaning up after them. Below is the path from reactive…
-
Agent-based SOC: Crowdstrike upgrades Falcon with SOAR and XIoT
First seen on security-insider.de Jump to article: www.security-insider.de/crowdstrike-ruestet-falcon-mit-soar-und-xiot-auf-a-df8879ae99bbe75434ee3533582cfeeb/
-
AI is accelerating cyberattacks. Is your network prepared?
AI-driven attacks now automate reconnaissance, generate malware variants, and evade detection at a speed that overwhelms traditional defenses. Corelight explains how network detection and response (NDR) provides the visibility and behavioral insights SOC teams need to spot and stop these fast-moving threats. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ai-is-accelerating-cyberattacks-is-your-network-prepared/
-
Threat Report 2025: Relevant SOC data from Germany and protection recommendations for IT decision-makers
With the Controlware Threat Report 2025, Controlware publishes a comprehensive report on the current cybersecurity situation with a clear focus on organizations in the DACH region. The report is based on data and incident analyses from the company's own ISO 27001-certified Security Operations Center (SOC) in Dietzenbach near Frankfurt am Main and offers companies and public authorities relevant and practical data and recommendations on…
-
Polymorphic AI malware exists, but it’s not what you think
Tags: access, ai, api, attack, authentication, automation, business, ciso, credentials, cryptography, cyber, cybercrime, detection, edr, email, espionage, government, group, identity, infrastructure, malicious, malware, marketplace, mfa, monitoring, phishing, radius, ransomware, risk, soc, technology, theft, threat, tool. what the code block should do, or how it’s going to evade an antivirus. It’s just working under the assumption that Gemini just instinctively knows how to evade antiviruses (it doesn’t). There’s also no entropy to ensure the ‘self-modifying’ code differs from previous versions, or any guardrails to ensure it actually works. The function was…

