Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

63%. That's the number of SOC analysts who say they are likely to switch jobs in the next year, according to our Voice of the SOC Analyst report. Considering that SOC teams are understaffed and that the cybersecurity industry as a whole is facing severe staffing shortages, team leaders need to ensure that they're doing everything they can to retain their talent. However, SOC leaders may not know exactly what approach to take.

Contract with a third-party for managed SIEM services is increasingly affordable and requested by all-size organizations. Without any doubt, the advantages associated with this service allow monitoring, analyzing, and responding to cyber security threats more cost-effectively. However, what is a managed SIEM precisely? Is the price the only feature to take into account? What is the difference between a managed SIEM Provider (MSP) and a Managed Security Service Provider (MSSP)?

The situation with Dirty Pipe is rapidly evolving. We will update the information in this blog as it is released publicly. On March 7, 2022, Max Kellermann publicly disclosed a vulnerability in the Linux kernel, later named Dirty Pipe, which allows underprivileged processes to write to arbitrary readable files, leading to privilege escalation. This vulnerability affects kernel versions starting from 5.8.

Read also: Rompetrol hit by Hive ransomware, Mozilla fixes Firefox zero-days, and more.

I was encouraged when I saw our partners over at Microsoft step in when Russian cyberattacks commenced alongside their invasion of the Ukraine. While there have yet to be any reported attacks on the United States or its allies, I can’t help but think about our collective readiness, especially as sanctions against Russia intensify. The Cybersecurity and Infrastructure Security Agency (CISA), a federal agency under the U.S.

Static Application Security Testing (SAST) is an effective and well-established application security testing technology. It allows developers to create high-quality and secure software that is resistant to the kinds of attacks that have grown more prevalent in recent years. However, the challenge with SAST is that it tends to produce a high number of false positives that waste the time of your engineering team. In this blog we take a look at SAST and the problem of false positives.

2021 was a devastating year for cybersecurity. As business accelerated digital adoption and people played out their lives online, threat actors were ready to capitalize on the transitional moment, savagely targeting everything from critical health infrastructure to small and medium-sized businesses. By Q4 of 2021, the number of reported data breaches had already surpassed 2020 totals, which were historic in their own right.