Actionable Insights for CISOs
Cyber terrorism is not limited to nation-states or military targets. Any organization that supports public services, financial systems, or digital trust can become a targ
In today’s rapidly evolving threat landscape, Security Operations Centers (SOCs) face mounting pressure to investigate incidents faster and with higher accuracy. Analysts spend valuable time switching between tools, writing queries, and compiling inc
While decoupled SIEMs offer flexibility by separating data collection, storage, and threat detection, they may introduce complexity and integration challenges. As
Join us for a live AI Demo Talk on "AI-Powered SOC Agent: Conversational Security Investigations with Whatsapp, Splunk & Gemini" with Sanglap Patra, Cybersecurity Engineer (SIEM & SOAR), Nielsen.
What You'll See :
I will be really, really honest with you — I have been totally “writer-blocked” and so I decided to release it anyway today … given the date.
So abit of history first. So, my “SOC visibility triad” was released on August 4, 2015 as a Gartner blog (it
“Flickering screens, a sickly, yellow glow. Humming servers, a constant, low thrum of digital malaise. Alerts screamed into the void, a cacophony of meaningless noise, lost in the echoing expanse of our digital tomb. Playbooks, relics of a forgotten
After a long, long, long writing effort … eh … break, we are ready with our 5th Deloitte and Google Cloud Future of the SOC paper “Future of SOC: Transform the ‘How’.”
As a reminder (and I promise you do need it; it has been years…), the previous 4 p
My former “colleagues” have written several serious pieces of research about why a SOC without humans will never happen (“Predict 2025: There Will Never Be an Autonomous SOC”, “The “Autonomous SOC” Is A Pipe Dream”, “Stop Trying To Take Humans O
Do you have a fair-weather friend? Or two?
Fair weather friend (via Google)
OK, do you also have a fair-weather SOC?
This train of thought was inspired by reading pilot forums about how some training approaches lea
Cybersecurity is a constantly changing battleground, where threats are evolving more rapidly than ever before. For Enoch Long, Field CISO at JupiterOne, navigating this complex environment requires not only technical expertise, but also a calm and st
Learn Modern SOC and D&R practices for free from Google! Yes, really! That’s the message. Join *hundreds* of others who already signed up!
Now, with full details….
After some ungodly amount of work, the original ASO crew (but really Iman!) put toget
Mention “alert fatigue” to a SOC analyst. They would immediately recognize what you are talking about. Now, take your time machine to 2002. Find a SOC analyst (much fewer of those around, to be sure, but there are some!) and ask him about alert fati
Cross-posted from Anton on Security
As you are reading our recent paper “Autonomic Security Operations — 10X Transformation of the Security Operations Center”, some of you may think “Hey, marketing inserted that 10X thing in there.”
Well, 10X thinking
Now, we all agree that various cloud technologies such as SaaS SIEM help your Security Operations Center (SOC). However, there’s also a need to talk about how traditional SOCs are challenged by the need to monitor cloud computing environments for thr
This paper outlines industry best practices for building and maturing a security operations center (SOC). For those organizations planning to build a SOC or those organizations hoping to improve their existing SOC, this paper will outline the typical
Organizations around the globe are investing heavily in cyber defense capabilities to protect their critical assets. Whether protecting brand, intellectual capital, and customer information or providing controls for critical infrastructure, the means
Building a new SOC capability may involve lot of planning and would attract huge initial investment.
While there are multiple approaches to address this, given below are some of the simple steps one can follow:
1. Understanding Business Goals, type of
The Atlanta Pen Test Chapter has officially begun and is now actively underway.
Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
