As companies look to realize the full value of Microsoft Security products, they may find a managed security service provider can play a key role in helping them maximize the value of their investment. For many companies, the Microsoft 365 E5 license makes good business sense. In addition to the Office suite of productivity applications, E5 includes expanded capabilities for Microsoft cybersecurity solutions for endpoint detection and response (EDR), identity and access management (IAM), and more.

It’s impractical to operate security operations alone, using manual human processes. Finding opportunities to automate SecOps is an underlying foundation of Zero Trust and an essential architecture component for enterprise-scale SOCs. Let’s discuss what SOAR is, its common uses, and the future of SOAR with AI.

Trustwave is proud to announce that it has signed the Cybersecurity and Infrastructure Security Agency (CISA) Secure by Design Pledge, joining more than 150 other leading enterprise software manufacturers in committing to building stronger security features directly into our products.

CDK Global, a company that provides software for thousands of auto dealers, was hit by back-to-back cyberattacks on June 19. These attacks led to an outage that continued to impact many of their sales operations on Friday, according to the Associated Press. CDK told multiple news outlets that it is "actively investigating a cyber incident," and the company shut down all of its systems out of an abundance of caution.

Trustwave SpiderLabs, in its just-released report 2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies, has uncovered an increasing number of ransomware, third-party supplier, and technology-based attacks targeting the professional services sector.

Recent research by Trustwave SpiderLabs, detailed in their newly published report "2024 Professional Services Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies," reveals a surge in ransomware, supply chain, and technologically sophisticated attacks aimed at the professional services industry.

Atlas Oil, a major player in the oil and fuel distribution industry, fell victim to a ransomware attack orchestrated by the Black Basta group. This attack not only compromised sensitive company data but also exposed a variety of documents that could potentially harm the company’s operations and reputation. Overall, Black Basta claims to have exfiltrated approximately 730 GB of data.

(A thought from The Matrix: Neo likely used a SIEM before he took the red pill and could see the matrix without one...) One of the best ways to monitor security-related activities for your organization is to collect audit logs from every network device and analyze those logs for activities which violate acceptable behavior. This is precisely the role of a SIEM or Security Information and Event Manager. Let me simplify your life by providing some best practice suggestions for deploying and using a SIEM.

As businesses engage in increasingly complex and interdependent relationships, ensuring all parties maintain high cybersecurity standards becomes essential. One method to achieve this is using security scores, which are similar to personal credit scores, and assessing the efficacy of an organization's cybersecurity program. However, there are certain changes and additions that should be made to how scoring is conducted that will ensure a more accurate scores, which will benefit stakeholders at all levels.

Knowing what you don’t know is the key to keeping an organization safe and the best method of doing so is with an offensive security approach that includes vulnerability scanning. By being proactive one can identify exploitable weaknesses in your own systems before malicious actors can. Here's why vulnerability scanning is an essential part of any offensive security solution: Vulnerability scanning is just one piece of the offensive security puzzle, but it's a crucial one.