%term

Speed: A Security Analyst's Best Friend

Feb 7, 2020 By John Dominguez In Splunk

In so many ways, speed is a security analyst’s best friend. From threat detection to containment to response – the faster you are, the more secure your business will be. It’s exactly why metrics like dwell time, MTTD (mean time to detect) and MTTR (mean time to respond) exist. It’s a barometer for the strength of your organization’s security, and a gauge of success for any good security team.

Read Post

Splunk

Read more about Speed: A Security Analyst's Best Friend

What is a SOC Framework?

Feb 5, 2020 By Fakhar Imam In Logsign

In the age of the digital world, owning a Security Operations Center (SOC) is vital for the cybersecurity of every organization. However, it is not necessarily true that every SOC is effective against cyber threats and attacks. The main reason behind this fact is a lack of standardized SOC frameworks. SOC framework requires a document to be designed to provide guidelines, requirements, and specifications in order to support cybersecurity operations effectively.

Read Post

Logsign

Read more about What is a SOC Framework?

SOCtails Episode 3 - The Cybersecurity Olympics

Feb 3, 2020 By Splunk In Splunk

As security analysts, Kevin and Jeff know the importance of responding quickly to security incidents. In this episode, Kevin and Jeff compete to see who can achieve the fastest incident response time. Learn more at www.splunk.com/phantom.

View Video

Splunk

Read more about SOCtails Episode 3 - The Cybersecurity Olympics

SOAR In Your Pocket

Jan 31, 2020 By Andreas Buis In Splunk

Hi, Let's take a look behind the scenes and find out how Security Orchestration Automation and Response (SOAR) solutions can have a positive impact on your security investigation and response efficiency. In this article, I'll also highlight how Phantom-mobile makes your life as the “officer on duty” a lot easier.

Read Post

Splunk

Read more about SOAR In Your Pocket

SOCtails Episode 2 - Automate your Security Operations

Dec 3, 2019 By Splunk In Splunk

Kevin has the “alert fatigue”. He’s overwhelmed by too many security alerts, and he doesn’t have the resources or the time to investigate and respond to all of them. Jeff explains how automation from Splunk Phantom can help. And now, with Phantom on Splunk Mobile, you can automate security operations directly from your mobile phone.

View Video

Splunk

Read more about SOCtails Episode 2 - Automate your Security Operations

Arctic Wolf: Redefining Cybersecurity

Nov 26, 2019 By Arctic Wolf In Arctic Wolf

Every 39 seconds, there's a new attempted cyberattack in the US. The results can be devastating. Money lost. Time wasted. Reputations destroyed. That's why you need the experts in your corner. Arctic Wolf's 24x7 Concierge Security™ Teams are working around the clock to monitor, detect, and respond to cyberattacks before they have the chance to impact your business. Continually redefining cybersecurity in today's complex landscape, Arctic Wolf's dynamic Soc-as-a-service is trusted by thousands of IT and Security leaders to protect their organization.

View Video

Arctic Wolf

Read more about Arctic Wolf: Redefining Cybersecurity

SOAR for Incident Alert Management

Nov 1, 2019 By Fakhar Imam In Logsign

In cyberwarfare, cybersecurity threats and attacks are constantly expanding and evolving. Due to the sophistication and modern approaches used by malicious actors, security professionals in Security Operation Centers (SOCs) are unable to deal with critical threats as effectively and quickly as possible.

Read Post

Logsign

Read more about SOAR for Incident Alert Management

SOCtails Episode 1

Oct 30, 2019 By Splunk In Splunk

Jeff and Kevin meet up for “SOCtails” to chat about their experiences working in different SOCs (Security Operations Center). Kevin gets a security alert and opens his laptop to resolve it. Jeff shows Kevin a better way with Splunk Phantom.

View Video

Splunk

Read more about SOCtails Episode 1

Are you dealing with the symptoms or the cause of analyst burnout?

Oct 24, 2019 By Jason Mical In Devo

Organizations build a SOC – a dedicated, centralized team of security experts – to effectively detect and respond to advanced threats. However, as SOCs deal with evolving threats and an expanding attack surface, advancements in the stack have not kept pace and analysts are feeling the pain.

Read Post

Devo

Read more about Are you dealing with the symptoms or the cause of analyst burnout?

Why is Today's SOC Ineffective?

Sep 19, 2019 By Julian Waits In Devo

Security Operations Centers (SOCs) are the nerve centers of enterprise cybersecurity programs. They should serve a critical function by helping businesses improve their security posture by monitoring, detecting, and analyzing potential cyber threats. But for a number of reasons, today’s SOCs are not doing this effectively.

Read Post