Security Automation & Orchestration: A Critical Part of Your Threat...
Cybersecurity threats are often described in military terms. This is not an accident. Like an army tasked with defending territory, a cybersecurity team needs to understand the threats it faces. Their...

Automating the Cybersecurity Incident Response Workflow
Planning and executing a cybersecurity incident response workflow means trying to achieve certainty about facts that cannot be known in advance. Given that challenge, security managers find that...

Utilizing the McAfee Product Suite and Swimlane to Automate Incident Response
McAfee has a robust cybersecurity product suite that several leading organizations utilize as their security operations and incident response platforms. From the SIEM to endpoint protection, McAfee...

Using a Threat Intelligence Platform for Stronger Cybersecurity
Large-scale data breaches and cybercrime continue to rise in the U.S. and across the globe. The Identity Resource Center reported that U.S. data breaches reached an all-time high in 2016, with 1,930...

Too Much Time Spent Creating Cybersecurity Incident Reports? Automate it.
When security analysts investigate an incident, they accumulate numerous notes and information that ends up being stored in multiple tools across the environment. Typically, incident reports include...

Using Security Automation and Orchestration for Incident Alert Management
Ensuring your organization is protected from the cyberattacks that threaten businesses can be a daunting task. As a result, many companies implement a composite of security solutions to protect them...

RSA NetWitness Alerts Managed with Security Automation and Orchestration (SAO)
RSA NetWitness is an advanced threat detection and security intelligence platform that combines the functions of traditional SIEM systems with: Scalable architecture Automated behavior analytics The...

Security Operations Strategy Webinar | SOAPA and SAO: Adapting SecOps...
In a world full of ever-evolving cyber threats, organizations must use robust security tools to protect themselves. The constantly changing threat landscape makes this challenging, as every new tool...

Poison the Well: Offensive Ops for Defenders
The old adage of “The best defense is a good offense” has started to gain traction amongst security operations center (SOC) and information security teams alike. But to many, consistent red teaming...

Enhance the DFIR Process with PowerShell and Swimlane – Part 1
If you’ve spent any amount of time in a security operations center (SOC), you know that receiving an alert from a security information and event management (SIEM) or endpoint solution is only the...

Achieving Cyber Resilience through Situational Awareness
Incomplete information can be an obstacle to effective cybersecurity. For example, a security operations (SecOps) team gets an alert from a firewall but cannot easily determine if it is a meaningless...

Enhance the DFIR Process with PowerShell and Swimlane – Part 2
As you saw in part one of this series, PowerShell is a very powerful tool when it comes to the digital forensic and incident response (DFIR) process. As a recap, the current example use case centers...

Building an IT Incident Response Plan
The lock is going to get picked. Maybe not today, but it’s coming soon. In fact, it may be occurring right now… and you just haven’t seen the evidence of it yet. This scenario is playing out against...

Enhance the DFIR Process with PowerShell and Swimlane – Part 3
In part one of this blog series, Swimlane pulled in information centered around the user context in response to a potential incident. Part two of the series dealt with gathering host based information,...

Supply Chain Security
Organizations are constantly monitoring, detecting and trying to respond to alerts and potential threats to their environment from a broad number of sources. One source in particular that can be a bit...

Improve Security Operations Management
As the sophistication and frequency of security attacks continue to rise, security teams are feeling strained. Even as security budgets increase, most enterprises can’t find enough talent to manage it...

Essential Security Automation and Orchestration (SAO) Capabilities
Security automation and orchestration (SAO) solutions help security teams manage a growing volume of alerts and incidents more efficiently by automating manual response workflows. Today, large...

Managing Security Alerts with an Incident Response Platform
The hard truth is that your organization will get breached, so you need to have solutions in place to reduce the negative impacts. And in most organizations, security operations (SecOps) teams are...

Security Automation and Orchestration: Real World Use Cases
Download our eBook 8 Real World Use Cases for Security Automation and Orchestration to read more now. As enterprises confront the growing challenge of hiring enough qualified cybersecurity personnel...

Swimlane ChatOps via Slack Integration
Although ChatOps isn’t new, the solution has continued to gain popularity over the past few years. Instead of the basic instant messaging tools that we’ve come to rely on, ChatOps has evolved into a...