At Sumo Logic, we always pride ourselves on our dedication to make Cloud SOAR as user-friendly as possible. Now, we’re going to show you in practice how we make that happen. Cloud SOAR’s Incident Search Query Bar is easily configurable and allows users to customize their viewing perspective and choose which data they want to see.

We all witnessed how merciless 2020 was for a wide range of organizations. Even the mightiest, most prestigious companies and enterprises are not exempt from the deadly grasp of sophisticated cyber attacks. What this means for security professionals is that they should take a proactive, rather than a reactive stance. But how do you anticipate the unknown? Many security professionals would wonder.

The COVID-19 crisis prompted a spike in ransomware attacks, which was expected, to say at least. In fact, Checkpoint research shows that in Q3 2020, there was a 50% increase in ransomware attacks compared to earlier periods of this year. And while this wave of ransomware attacks was anticipated, not all organizations were reinforced enough to repel these attacks with proper resources and technologies.

2021 is only a month away, and given the turbulent landscape we had in 2020, we can’t help but wonder what the cybersecurity conditions will look like for companies and enterprises in the upcoming year. Year after year, the cybersecurity industry faces new challenges and obstacles, and 2021 will be no different. 2020 proved to be one of the most challenging years, cybersecurity-wise, especially for those companies whose employees suddenly had to switch to remote working.

How can my team keep track of the threat landscape? What’s the best way to manage my company’s move to cloud-based and SaaS-based solutions? And how can I keep up with compliance regulations? Is there a better way to do all this?

We have all heard about Key Performance Indicators (KPIs) and how critical they can be for your security program , but confusion remains surrounding what KPIs are important to track and how they can be used to measure and improve the organization’s security program.

Does the SOC really need to be disrupted? In an EY survey, 59% of enterprises admitted experiencing a material or significant breach. Despite the fact that SOC spend dominates an organization’s cybersecurity budget, more than half of these SOCs were actually ineffective in protecting their organizations from attacks.

One of the major buzzwords when talking about cyber incident response is playbooks, advanced workflows with specific actions tailored to deal with and respond to cyber incidents. Over the past few security conferences, I have noticed something of a trend emerging that centers on the uncertainty and hesitance that some incident response teams have regarding the use of playbooks and, in particular, around the notion of automation in incident response.