Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

3 Ways SOC Automation Can Reduce Analyst Burnout

The 2020 Devo SOC Performance ReportTM presents security professionals’ responses to a variety of survey questions related to people, processes, and technologies within their security operations center (SOC). One of the more interesting topics in the report is the role security automation technologies can play in improving SOC performance and alleviating analyst stress caused by overwork and performing repetitive, mind-numbing tasks, which can lead to analyst burnout.

Hoge Fenton Law Firm Drives 67% Operational Savings for Audits and Compliance with Rubrik Sonar

Hoge Fenton Jones & Appel is a multi-service law firm headquartered in Silicon Valley. As a member of Mackrell International, a premier network of independent law firms in 60 countries, the firm’s reach extends around the world. Mackrell International has been named a Top Ranked Chambers Global Leading Law Firm Network.

What is endpoint detection and response? EDR security explained

As recent global health events have changed the world, the cybersecurity landscape has changed along with it. Almost all organizations — large or small — have seen their attack surface grow. For those unfamiliar with the term, an attack surface represents the sum total of all the ways in which a bad actor can exploit an endpoint or network to retrieve data. Every endpoint that connects to or communicates with the network is part of the network attack surface.

LokiBot Malware: What it is and how to respond to it

The Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security recently announced that activity in LokiBot, a form of aggressive malware, has increased dramatically over the last two months. The activity increase was discovered by an automated intrusion detection system referred to as EINSTEIN, which the Department of Homeland Security uses for collecting and analyzing security information across numerous government agencies.

Discover latest security vulnerabilities in minutes with Detectify

25 minutes. That’s how long it took to bring high severity security vulnerabilities to Detectify Asset Monitoring customers from the moment they were discovered. On a more technical side, our Security Researchers, led by Tom Hudson, implemented a high priority vulnerability test to detect an Arbitrary File Read in VMware vCenter, and released it into production in this record time.

SIEM: What Is SIEM, How It Works, and Useful Resources

SIEM stands for Security information and event management. This technology has existed since the late 1990s. Traditional SIEM has been joined by a broad use log management technology that focuses on collecting various types of logs and events for different purposes, such as: SIEM vendors usually provide different combinations of functionalities to offer the benefits listed above.

How to Set Up an SSH Jump Server

In this blog post we’ll cover how to set up an SSH jump server. We’ll cover two open source projects. Both of these servers are easy to install and configure, are free and open-source, and are single-binary Linux daemons. An SSH jump server is a regular Linux server, accessible from the Internet, which is used as a gateway to access other Linux machines on a private network using the SSH protocol.

Lookout and Verizon Committed to Protecting Small Businesses with the Launch of Business Mobile Secure

Our mission has always been to secure the mobile experience and for many in our current climate, that means protecting employees as they work from home. Verizon recently announced the launch of Business Mobile Secure, a full security solution designed specifically for small and medium business customers with Lookout mobile security at the helm of the bundle’s modern endpoint protection offerings.

5 Essential Steps to Improve Cybersecurity Maturity

From small- and medium-sized organizations to large enterprises, every business is under continuous threat of security risk in today’s digital world. With the growing digital footprint and cloud adoption, organizations continue to experience sophisticated cyberthreats that hold the potential to disrupt business continuity. A vast majority of these threats can go undetected, or they can be detected too late for an organization to avoid the exposure and the associated risks.

What Is Password Spraying, and How Can You Spot and Block Attacks?

In 2019, a data heist at Citrix shook the cybersecurity world. The attackers stole business documents from a shared network drive and from a drive associated with a web-based tool used in Citrix’s consulting practice. The hackers gained this access to Citrix’s IT infrastructure through a password spraying attack, a technique that exploits weak passwords, leading to criticism that the software giant needlessly compromised its clients by failing to establish a sound password strategy.