Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

sophos

Where AI in the SOC is actually delivering - and where it isn't

Mar 30, 2026 By Jon Munshaw In Sophos
Where AI in the SOC is actually delivering — and where it isn’t“We’ll have a generation of security professionals who can supervise AI but can’t function without it." For all the noise surrounding “agentic AI” in cybersecurity, security operations centers are still wrestling with the same fundamental questions: What does AI genuinely improve today? Where does it fall short? How can organizations tell the difference?
Read Post
sophos

Incident responders, s'il vous plait: Invites lead to odd malware events

Mar 30, 2026 By Vidura Ehalapitiya In Sophos
A phishing campaign targeting multiple organizations led to RMM installations – but not much else (yet). A threat actor experimenting, or an access-as-a-service attack underway? Sophos’ Managed Detection and Response (MDR) teams reported on a phishing campaign late last year that attempted to trick users into installing LogMeIn Resolve (formerly GoToResolve), a remote monitoring and management (RMM) tool, to acquire remote unattended access.
Read Post
WatchGuard

30 Years Driving Detection and Response in Hybrid Environments

Mar 26, 2026 By Stephen Helm In WatchGuard
Over the past 30 years, network security has evolved at the same pace as enterprise infrastructures. What began as a model centered on a clearly defined perimeter has given way to hybrid environments where on-premises infrastructure, cloud services, SaaS applications, remote users, and mobile devices coexist.
Read Post

Episode 11 - The AI Maturity Journey: Data, Agents, and the Shift from Craft to Art

Mar 26, 2026 By Corelight In Corelight
Richard Bejtlich talks with Vijit Nair, VP of Product at Corelight, about the evolving "AI Maturity Journey" for modern security teams. Vijit outlines a three-level spectrum of AI adoption, moving from basic human-driven assistance to automated swarms of agents, and eventually toward fully autonomous systems. They discuss why high-quality, unopinionated data remains the essential foundation for building trust in AI and how technologies like the Model Context Protocol (MCP) are turning human language into the primary interface for tool integration.
View Video
sophos

Cybersecurity for Education - Sophos Protected Classroom

Mar 24, 2026 By Sophos In Sophos
Cybercriminals are targeting schools more than ever, drawn by sensitive student and staff data and the chance to disrupt learning. For educators already managing tight budgets and growing digital demands, a single breach can mean days of downtime and lasting reputational damage. Criminals are increasingly attracted by the valuable and sensitive information education establishments hold, and the opportunity to extort payments using ransomware or the threat of breach exposure.
Read Post
sophos

Sophos Firewall ranked the #1 overall firewall solution in G2's Spring 2026 reports

Mar 24, 2026 By Jon Munshaw In Sophos
Sophos Firewall ranked the overall firewall solution in G2’s Spring 2026 reports Why organizations are choosing Sophos Firewall to reduce exposure and strengthen resilience When organizations evaluate security products, they want real‑world proof of reliability, protection, and ease of management.
Read Post

Corelight Agentic Triage demo

Mar 23, 2026 By Corelight In Corelight
Corelight is excited to introduce Agentic Triage! In this demo, you can see how Agentic Triage helps SOC analysts filter through alerts and respond quickly to active threats. We combine generative AI with our industry leading log framework to identify the detections and cases that truly matter. This video shows how you can use Agentic Triage to quickly perform deep dives into open detections and make confident decisions to secure your network.
View Video

Corelight Agentic Triage overview

Mar 23, 2026 By Corelight In Corelight
Corelight is excited to introduce Agentic Triage! In this demo, you can see how Agentic Triage helps SOC analysts filter through alerts and respond quickly to active threats. We combine generative AI with our industry leading log framework to identify the detections and cases that truly matter. This video shows how you can use Agentic Triage to quickly perform deep dives into open detections and make confident decisions to secure your network.
View Video
sophos

NICKEL ALLEY strategy: Fake it 'til you make it

Mar 23, 2026 By Sophos Counter Threat Unit Research Team In Sophos
Counter Threat Unit (CTU) researchers continue to investigate trends in Contagious Interview campaign activity conducted by NICKEL ALLEY, a threat group operating on behalf of the North Korean government. The group notoriously targets professionals in the technology sector by advertising fake job opportunities, deceiving prospective candidates through a fake job interview process, and ultimately delivering malware.
Read Post
sophos

Oracle vulnerability (CVE-2026-21992) impacts core products

Mar 23, 2026 By Sophos Counter Threat Unit Research Team In Sophos
On March 20, 2026, Oracle disclosed a critical (CVSS score of 9.8) vulnerability (CVE-2026-21992) impacting two Oracle Fusion Middleware components: Oracle Identity Manager and Oracle Web Services Manager. An unauthenticated attacker could exploit the vulnerability to obtain network access via HTTP and remotely execute code. Critical functions of the products are exposed due to the lack of network-level authentication. As of this publication, there are no reports of active exploitation.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.