Security Infrastructure

The changing role of the MITRE ATT&CK framework

Organizations are using the MITRE ATT&CK framework as more than a security operations reference architecture, adding new use cases and making it part of strategic future plans.

XDR: Still confusing after all these years

It’s time to stop debating about what XDR is and focus on how it fits in a security operations center modernization strategy.

Making the case for security operation automation

Most organizations are automating security operations processes and achieving benefits. An intelligent strategy and appropriate technology decisions can accelerate these projects.

Information overload, burnout, talent retention impacting SOC performance

Security operations center leaders and staff report numerous pain points impacting SOC performance.

5 reasons why security operations are getting harder

SOC teams struggle to keep up with a dangerous threat landscape, growing attack surface, and voluminous security alerts.

Transparency and policy shapes Cloudflare’s Kiwi Farms decisions

Cloudflare's blocking of hate-based forum Kiwi Farms is the latest in a string of controversial actions and inactions around badly behaving customers. Agree or disagree, the company has stuck to its policy throughout.

NIST CSF 2.0 Workshop emphasizes global appeal, metrics and assessment

About 7,000 international workshop attendees heard discussions of NIST's plans for Cybersecurity Framework 2.0, which aims to offer more guidance on supply chain security, measurement, and implementation, among other topics.

How Salvation Army Australia’s CISO moved away from ‘extreme risk’

The Salvation Army Australia had started its move towards cyberresilience before hiring Lachlan McGill, which helped him make cybersecurity and SOC investments a dialogue, not a plea.

Snowflake offers cybersecurity data platform with security app integrations

Snowflake's cybersecurity workload integrates the company's data cloud, storage and query features with tools from cybersecurity vendors, for enhanced threat detection, investigation and alerts.

SOC modernization: 8 key considerations

Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole.

MassMutual’s Ariel Weintraub on bringing more intelligence to security

For the insurance company CISO, a do-it-yourself approach to security analytics and SOC staffing pays off in increased agility and quicker responses to threats.

7 top challenges of security tool integration

With organizations using as many as 100 security tools, getting them to work well together is an ongoing battle. These are the most common pitfalls of security tool integration.

McAfee, FireEye merger yields Trellix, a unified XDR security company

Trellix will build on existing McAfee and FireEye applications, machine learning and automation technology to create an XDR platform of interoperable products for threat prevention, detection and response.

VMware launches Carbon Black Cloud MDR to bolster SOC efficiency

VMware's Carbon Black Cloud Managed Detection and Response (MDR) is designed to help company security operations centers (SOCs) gain efficiency with improved threat advisory and containment.

5 tips for reducing false positive security alerts

SOC analysts spend too much time and effort chasing security alerts that incorrectly indicate a vulnerability where none exists.

6 risk factors to know when hiring an MSSP

A managed security services provider can effectively extend an organization's security capabilities or provide affordable security infrastructure if you avoid these common mistakes.

What is physical security? How to keep your facilities and devices safe from on-site attackers

Securing premises and devices from physical attacks can be just as challenging as defending against cyber threats. Automation and AI are increasingly used to shore up defenses.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...
