Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Falcon Foundry: Build Custom Apps to Solve Tough Security Challenges

Not all security operation centers (SOCs) are equal. They have teams of different sizes, with varying skill levels, protecting a wide range of industries around the world. However, they have a few things in common — for one, they face many of the same threats, and many SOC teams struggle with the complexity of managing several disparate tools to detect and disrupt them. As the cybersecurity industry matures, SOC teams have more options to consolidate the security tools they use.

The Past, Present, and Future of File Integrity Monitoring

Also known as change monitoring, File Integrity Monitoring (FIM) solutions monitor and detect file changes that could indicate a cyberattack. They determine if and when files change, who changed them, and what can be done to restore files if those changes are unauthorized. As such, FIM solutions are useful for detecting malware and achieving compliance with regulations like PCI DSS and are a crucial part of any enterprise security stack.

A trainer's take: "Training alone won't change behaviours"

I've spent over 35 years as a trainer in various capacities, so it might surprise you to hear me say that training alone isn't enough to change behaviours—particularly when it comes to security. This isn't just my opinion; it's a conclusion from our State of Human Risk Management in 2024 Report. To understand why training isn't the full solution, we need to delve into the field of human error. Mistakes—errors caused by wrongly applied knowledge—can often be corrected with training.

What is UPnP? And Why is it Still a Security Risk?

In this video, learn what UPnP is, what it does, use cases, why it's a security risk, and security measures you can take. Learn more about: Resources and social media: Transcript: Universal Plug and Play, or UPnP, is a way for all devices on a local network to discover and connect with each other automatically, rather than having to connect each device by manually entering protocols like TCP/IP, HTTP, or DHCP.

Governing the Future: Federal Cybersecurity in the Age of Edge and AI

Intel's CTO on Navigating Cybersecurity, AI, and the Edge Governing the Future: Federal Cybersecurity in the Age of Edge and AI In this episode of the "Trusted Tech for Critical Missions" podcast, host Ben Arent interviews Steve Orrin, Chief Technology Officer at Intel Federal, about the evolving landscape of federal cybersecurity in the age of edge computing and artificial intelligence. Key Takeaways.

From SIEM to Detection as Code

Cloud-Native SIEM: Scaling Security for the Modern Era Key Takeaways: Detection-as-code offers improved governance, collaboration, and scalability Start with a clear understanding of critical threats to your organization Balance comprehensive monitoring with intentional, focused alerts Consider cloud-native SIEM solutions for cost-effectiveness and scalability Regularly review and update security playbooks and runbooks.

Monitor your Windows event logs with Datadog Cloud SIEM

Windows event logs are a key source of important information about your Windows environments, including detailed records of user activities, system performance, and potential security issues. However, with the sheer volume of logs modern environments generate, it can be overwhelming for security teams to efficiently detect, triage, and respond to threats in real time.

More Than 33,000 People in the UK Have Been Hacked Over the Past Year

Action Fraud, the UK’s national fraud and cyber crime reporting service, warns that more than 33,000 people have reported that their online accounts have been hacked over the past year. Most of these hacks were the result of phishing and other social engineering tactics. Action Fraud describes one technique that involves using a compromised account to target the victim’s friends.

Nearly Two-Thirds of IT Leaders Have Fallen For Phishing Attacks

Sixty-four percent of IT leaders have clicked on phishing links, a new survey by Arctic Wolf has found. Despite this, 80% of these same professionals are confident their organization won’t fall victim to a phishing attack. The survey found that 34% of organizations send simulated phishing emails to their employees at least once every two weeks, but only 15% of end users are aware of them. Likewise, the IT and security leaders surveyed said 83% of their employees fall for the phishing simulations.