
A Day in the Life of a SOC Team

This piece was originally published on Fortra's AlertLogic.com Blog. Managed detection and response (MDR) would be nothing without a SOC (security operations center). SOC analysts are on the frontline of our clients' defenses: a living, breathing layer of intelligence and protection that complements our automated cybersecurity features. These are the people who make our MDR services so dependable. It's time you met them.

IAM Legend: How Torq is Reinventing Identity and Access Management

Identity and access management (IAM) is a critical foundation of modern enterprise IT infrastructure and governance. It is one of the ways security professionals deliver value across their company and its customer and partner ecosystem, and it is what drives effective management of organizational roles, assets, and the connections between them. The product team at Torq is focused on changing the IAM game and leveling up our customers' capabilities.

Building Efficient SecOps Pipelines with AWS Security Lake and Torq

Amazon Security Lake automatically centralizes an organization's security data from cloud, on-premises, and custom sources into a purpose-built data lake stored in the customer's own AWS account. It reduces the complexity and cost of making security data accessible to a variety of use cases such as threat detection, investigation, and incident response.

How Torq Remediates the 3CX Supply Chain Attack

By Dallas Young, Sr. Technical Marketing Manager, Torq

According to researchers, the 3CX Voice over Internet Protocol (VoIP) desktop application for Windows and macOS, which boasts over 600,000 customers and 12m daily users, was compromised through DLL sideloading and used as the vehicle for several supply chain attacks. 3CX makes a private branch exchange (PBX) system, a private telephone network used within a company or organization.

How Do You Staff a SOC Over the Holidays?

It's natural for people to let their guard down when hunting for great deals or responding to one-time requests from coworkers trying to plan their vacations. But threat actors don't take time off, and as the Log4j and Kaseya attacks showed, attackers are poised to do the most damage when their targets are off celebrating outside the office.

A Practical Guide for Becoming a SOC Analyst

Practical experience is important in getting cybersecurity work, and a home lab is a great way to build it, but how do you put one together for SOC analyst or cyber defender work? Eric Capuano of Recon Infosec spells it out in a blog post. In this video, Dr. Gerald Auger shows you exactly why this home SOC lab will give you an incredible advantage in learning practical cybersecurity skills.

How Continuous Threat Hunting Addresses Potential Okta Password Exposure Via Failed Login Attempts

Last week, the incident response firm Mitiga published research outlining how the Okta passwords of organizational users can be exposed. The exposure happens when a user mistakenly types their password into the username field of an Okta login interface, at which point the password is recorded as a (failed) username in the authentication logs. According to the research, this is not an infrequent occurrence.
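The hunting logic a SOC would run over Okta System Log exports to find this exposure is sketched below. This is an added example, not code from the original post, from Mitiga, or from Torq. It assumes Okta System Log field names as I understand them (eventType, outcome.result, actor.alternateId, client.ipAddress, published); the sample events are constructed, not real logs. A failed login whose "username" does not look like a username is a candidate, and a successful login from the same IP shortly afterwards (the user noticing the mistake and retrying) raises confidence and identifies whose password was likely exposed. The suspected password is redacted before it is reported so the hunt does not re-log the secret.

```python
"""Hunt Okta-style System Log events for a password typed into the username field.

Added example (not from the original post, Mitiga, or Torq). Field names follow
Okta System Log conventions as assumed here: eventType, outcome.result,
actor.alternateId, client.ipAddress, published.
"""
import re
from datetime import datetime

# Constructed sample events, not real logs.
SAMPLE_EVENTS = [
    {"published": "2023-03-20T09:00:01.000Z", "eventType": "user.session.start",
     "outcome": {"result": "FAILURE", "reason": "VERIFICATION_ERROR"},
     "actor": {"alternateId": "Sup3rS3cret!2023"},       # password typed as username
     "client": {"ipAddress": "203.0.113.10"}},
    {"published": "2023-03-20T09:00:09.000Z", "eventType": "user.session.start",
     "outcome": {"result": "SUCCESS"},
     "actor": {"alternateId": "alice@example.com"},       # same IP retries correctly
     "client": {"ipAddress": "203.0.113.10"}},
    {"published": "2023-03-20T09:05:00.000Z", "eventType": "user.session.start",
     "outcome": {"result": "FAILURE", "reason": "INVALID_CREDENTIALS"},
     "actor": {"alternateId": "bob@example.com"},         # ordinary failed login
     "client": {"ipAddress": "198.51.100.7"}},
    {"published": "2023-03-20T09:30:00.000Z", "eventType": "user.session.start",
     "outcome": {"result": "FAILURE"},
     "actor": {"alternateId": "qwerty123"},               # suspicious, no follow-up
     "client": {"ipAddress": "198.51.100.9"}},
]

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")
ODD_CHARS_RE = re.compile(r"[^A-Za-z0-9._@-]")  # characters a username rarely contains


def looks_like_password(value: str) -> bool:
    """Heuristic: the 'username' is not an email and contains digits or symbols.

    Usernames that legitimately contain digits will be false positives; the
    correlation in hunt() is what separates likely exposures from noise.
    """
    if EMAIL_RE.match(value):
        return False
    return bool(ODD_CHARS_RE.search(value) or re.search(r"\d", value))


def redact(secret: str) -> str:
    """Keep two characters for triage; never copy a suspected password into a ticket."""
    return secret[:2] + "*" * max(len(secret) - 2, 3)


def _ts(event: dict) -> datetime:
    return datetime.fromisoformat(event["published"].replace("Z", "+00:00"))


def hunt(events, window_seconds: int = 120):
    """Return findings for failed logins whose username looks like a password.

    Confidence is 'high' when the same client IP logs in successfully within
    window_seconds (the user re-entered credentials correctly), which also tells
    us whose password was probably exposed; otherwise 'low'.
    """
    logins = sorted((e for e in events if e.get("eventType") == "user.session.start"), key=_ts)
    findings = []
    for i, ev in enumerate(logins):
        if ev["outcome"]["result"] != "FAILURE":
            continue
        typed = ev["actor"]["alternateId"]
        if not looks_like_password(typed):
            continue
        ip = ev["client"]["ipAddress"]
        account = None
        for later in logins[i + 1:]:
            if (_ts(later) - _ts(ev)).total_seconds() > window_seconds:
                break
            if later["outcome"]["result"] == "SUCCESS" and later["client"]["ipAddress"] == ip:
                account = later["actor"]["alternateId"]
                break
        findings.append({
            "when": ev["published"],
            "ip": ip,
            "exposed_value": redact(typed),
            "likely_account": account,
            "confidence": "high" if account else "low",
        })
    return findings


if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS):
        print(f)
```

The response for a high-confidence finding is a forced password reset for the likely account and a review of who can read the System Log, since anyone with log access has seen the cleartext value. Tune window_seconds to the retry behaviour you see in your own tenant; too wide a window and unrelated successful logins from shared egress IPs will be mis-attributed.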

SOCtails - Unify Security Operations with Splunk Mission Control

Security teams constantly pivot between multiple tools and management consoles to detect, investigate, and respond to security incidents. It's time-consuming and complex. And it's Kevin's personal nightmare. Jeff shows Kevin how to unify his security operations across detection, investigation, and response using Splunk Mission Control.

Unify Your Security Operations with Splunk Mission Control

Splunk Mission Control brings order to the chaos of your security operations by enabling your SOC to detect, investigate, and respond to threats from one modern, unified work surface. Watch this 5-minute demo video to learn how Mission Control unifies your security operations experience across Splunk's security technologies and partner ecosystem. The demo use case follows an analyst detecting, investigating, and responding to an attack that uses encoded PowerShell commands.