Identify Gaps and Thwart Attacks with Devo Exchange and the MITRE ATT&CK Framework

The MITRE ATT&CK® framework holds immense value in the realm of cybersecurity. With its comprehensive and structured approach, it serves as a powerful tool for understanding and countering complex, multi-vector cyber threats.

5 Telltale Signs You're Running a Cloud-Hosted - Not a Cloud-Native - SIEM

The necessity of a SIEM for organizations and their security teams has evolved dramatically over time. It has gone from edge use cases and compliance to the current preferred form of threat detection, hunting, and incident response. As the use cases have changed, so has the architecture. As a result, organizations that have been running their SIEM on-premises are now looking for modern architectures to reduce the workload on their analysts. The simple choice: SaaS, of course.

Are Your Threat Hunters Too Distracted?

Threat hunters are some of the most specialized and experienced workers in the SOC. They are incredibly valuable to the organization, but as the 2023 SANS Threat Hunting Survey finds, they’re continually being asked to multi-task and take on other duties. And that’s taking away from their primary job of hunting for threats. How can we change this status quo and help threat hunters (and the organizations they work for) be successful? That’s the million-dollar question.

Devo Exchange - MITRE content packs & alerts

With the ever-increasing need for strong threat detection and management activities, more and more organizations are incorporating the MITRE ATT&CK framework into their incident investigation systems. Devo Exchange provides a plethora of MITRE content and replicates the MITRE ATT&CK Matrix and its comprehensive list of tactics and techniques.

Fewer Organizations Outsourcing SOC Activities in 2023

For years, security leaders have debated the advantages of building in-house security operations centers or outsourcing the SOC function to a third party. Both options have their pros and cons. The best choice for each organization depends on a few factors: the type of threats it encounters, the resources it has at its disposal, the complexity and breadth of its attack surface, and the commitment it wants to make to advanced threat hunting.

Watershed Moment for Responsible AI or Just Another Conversation Starter?

The Biden Administration’s recent moves to promote “responsible innovation” in artificial intelligence may not fully satiate the appetites of AI enthusiasts or defuse the fears of AI skeptics. But the moves do appear to at least start to form a long-awaited framework for the ongoing development of one of the more controversial technologies impacting people’s daily lives. The May 4 announcement included three pieces of news.

Devo Platform 8.0 Release

2022 was a year of dramatic expansion for the Devo Platform. The enhancements of behavior analytics, workflow automation, and AI-driven threat detection have transformed the Devo Platform into a cloud-native SIEM, UEBA, and SOAR solution. This gives security teams the visibility, high performance, and advanced analytics they need to respond quickly to threats and protect the business.

CISO Backgrounds and Considerations for 2023

The CISO role has evolved in recent years. CISOs don’t come just from technical and security backgrounds anymore. Each organization has its own distinct vision for how to solve its security needs, whether they are customer, regulatory, or industry driven. I started out my career as an external auditor, with the goal of becoming a CFO.

The Devo Platform: An Integrated SaaS SIEM | SOAR | UEBA | AI Solution

People or AI? YES. Is your organization equipped to handle today's and tomorrow’s threats with your existing security team or with artificial intelligence? The answer is YES. Yes, to both of them. Yes, to all of it. Whether it’s dealing with the constantly evolving threatscape or the shortage of affordable, available cyber professionals, leadership needs to fill the gap with people and AI. It’s not either/or.