Blog, Data collection and Threat Detection

How to Measure Threat Detection Quality for an Organization?

Anton on Security

MARCH 24, 2022

Sometimes I write blog posts with answers. In other cases, I write blog posts with questions. This particular blog post covers a topic where I feel I am in the “discovering questions” phase. Here I’m talking about the quality of the entire detection capability of an organization. In other words, don’t expect answers?—?but

Threat Detection

Threat Detection Data collection

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

The Last Watchdog

OCTOBER 23, 2023

Splunk’s inability to migrate to a modern cloud-native architecture makes it difficult to take advantage of these cost-saving benefits or implement advanced data science use cases critical for threat detection. The Cisco acquisition shall exacerbate these challenges and speed up the adoption of security data lakes.

Architecture

Architecture Threat Detection Engineering Data collection

How to Measure Threat Detection Quality for an Organization?

Security Boulevard

MARCH 24, 2022

Sometimes I write blog posts with answers. In other cases, I write blog posts with questions. This particular blog post covers a topic where I feel I am in the “discovering questions” phase. So, in recent weeks, I had a few simultaneous conversations with various people that focused on the quality of threat detection.

Threat Detection

Threat Detection Data collection

SOC Technology Failures?—?Do They Matter?

Anton on Security

DECEMBER 10, 2021

Hence this blog was born. Data collection failures still plague many SOCs. Now, again, one can also blame this on people and processes (especially, those people in IT who just didn’t give us the data). BTW, if somebody wakes me up at 3:00 a.m. I would name the loss of executive commitment. Yes, DIY SOC tools fail as well.

Technology

Technology CISO Data collection Threat Detection

Decoupled SIEM: Brilliant or Stupid?

Anton on Security

NOVEMBER 6, 2023

The second part of the answer would be to outline the type of an organization that would very much prefer the decoupled SIEM where the best collection and modern storage somehow harmoniously work with the best threat detection and response content. (B)

Engineering

Engineering Data collection Threat Detection Technology

Report Finds Over 50% of Security Practitioners Are Unhappy With Current SIEM Vendor

CyberSecurity Insiders

SEPTEMBER 11, 2021

Security industry blogs, magazines, and websites frequently report that many security teams are frustrated by the limitations of their SIEM tool. Analysts find dealing with data collected from numerous hosts within an enterprise to be a daunting task.

Threat Detection

Threat Detection Data collection Software Engineering

6 Business functions that will benefit from cybersecurity automation

CyberSecurity Insiders

OCTOBER 28, 2021

This blog was written by an independent guest blogger. Cybersecurity automation gives organizations the ability to perform threat detection and incident response at scale. Many security professionals spend hours each day manually administering tools to protect enterprise data. Data privacy.

Cybersecurity

Cybersecurity Data privacy Small Business Threat Detection

How your business can benefit from Cybersecurity automation

CyberSecurity Insiders

NOVEMBER 24, 2021

This blog was written by an independent guest blogger. Cybersecurity automation gives organizations the ability to perform threat detection and incident response at scale. Many security professionals spend hours each day manually administering tools to protect enterprise data. Data privacy.

Cybersecurity

Cybersecurity Data privacy Small Business Threat Detection

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Last Watchdog

JULY 30, 2018

Each new cyber attack is more sophisticated than the last, leaving traditional security measures unable to spot the next threat. Security analysts need the ability to view attacks as they unfold by enriching data collected from across the business with contextual and behavioral insights. Active learning.

CISO

CISO Cyber Attacks Data collection Cybersecurity

Preparing for IT/OT convergence: Best practices

CyberSecurity Insiders

SEPTEMBER 21, 2021

This blog was written by a colleague from Tenable. They include: • Threat Detection that combines behavioral anomalies with policy-based rules. • Enterprise visibility to ensure that all data collected integrates to a single pane of glass. . What is OT vs. IT? Conclusion.

Energy and Utilities

Energy and Utilities Threat Detection Manufacturing Technology

Mapping Secure Network Analytics (and Cognitive) to NIST CSF Categories and Sub-Categories

Cisco Security

JUNE 30, 2021

Secure Network Analytics uses flow telemetry such as NetFlow, jFlow, sFlow, IPFIX, and packet-level data and helps in reducing the risk to an organisation. IDENTIFY – Asset Management (H/W and S/W inventories; communication and data flow are mapped). How much data was exchanged? [NB: NIST CSF Categories and Sub-Categories.

Threat Detection

Threat Detection Risk Data collection Internet

More SRE Lessons for SOC: Simplicity Helps Security

Anton on Security

NOVEMBER 17, 2022

Phil’s 8 megatrends blog reminds us about this by calling one of his cloud megatrends “Simplicity: Cloud as an abstraction machine.” We can add: also for security and threat “detectability” and “investigability” (can we just say observability ?). In detection content? Metrics and associated data collection?

Engineering

Engineering Software Data collection Architecture

Agentic AI: A New Way to Accelerate Your Security Operations

Digital Shadows

OCTOBER 29, 2024

In a previous blog , we covered how generative AI is enhancing the speed and effectiveness of security operations, particularly through data synthesis and summarization. However, as threats evolve, security operations teams need to lean on the most advanced tools to contain threats as efficiently and swiftly as possible.

Threat Detection

Threat Detection Data collection Data privacy Phishing

Agentic AI: A New Way to Accelerate Your Security Operations

Digital Shadows

OCTOBER 24, 2024

In a previous blog , we covered how generative AI is enhancing the speed and effectiveness of security operations, particularly through data synthesis and summarization. However, as threats evolve, security operations teams need to lean on the most advanced tools to contain threats as efficiently and swiftly as possible.

Threat Detection

Threat Detection Data collection Data privacy Phishing

Drawing the RedLine – Insider Threats in Cybersecurity

Security Boulevard

MARCH 31, 2022

Data collection from FTP clients, IM clients. In a blog post published on March 22nd, 2022, Microsoft confirmed that one of their user accounts had been compromised by the Lapsus$ (also known as DEV-0537) threat actor, though they claimed that the information accessed was limited and that “no customer code or data was involved”.

Cybersecurity

Cybersecurity Social Engineering Passwords Malware

The Case for Multi-Vendor Security Integrations

Cisco Security

AUGUST 26, 2022

The AlienApp for Cisco Secure Endpoint enables you to automate threat detection and response activities between USM Anywhere and Cisco Secure Endpoint. Data collected from Umbrella can then be routed to Sumo’s Cloud SIEM, where it is then automatically normalized and applied to our rule’s engine. Happy integrating!

Firewall

Firewall Authentication Passwords Threat Detection

Top 7 Threat Intelligence Platforms for 2024

Centraleyes

OCTOBER 17, 2024

The Role of Cyber Threat Intelligence Platforms Given the sheer volume of threat data available, managing and making sense of it requires more than manual effort. This is where Threat Intelligence Platforms (TIPs) come into play. In 2024, the demand for robust and reliable TIPs has never increased.

Threat Detection

Threat Detection Cyber threats Artificial Intelligence Risk

More SRE Lessons for SOC: Simplicity Helps Security

Security Boulevard

NOVEMBER 17, 2022

Phil’s 8 megatrends blog reminds us about this by calling one of his cloud megatrends “Simplicity: Cloud as an abstraction machine.” We can add: also for security and threat “detectability” and “investigability” (can we just say observability ?). In detection content? Metrics and associated data collection?

Engineering

Engineering Software Data collection Architecture

Top MDR Services for 2021

eSecurity Planet

MAY 5, 2021

Despite the similarity in name to endpoint detection and response (EDR) technology, MDR providers are more like general managed security service providers (MSSPs) , operating on all layers of an organization’s infrastructure, including the network, endpoints, applications and other IT resources. Secureworks. Armor Anywhere.

Threat Detection

Threat Detection Technology Artificial Intelligence Cybersecurity

SOC Technology Failures?—?Do They Matter?

Security Boulevard

DECEMBER 10, 2021

Hence this blog was born. Data collection failures still plague many SOCs. Now, again, one can also blame this on people and processes (especially, those people in IT who just didn’t give us the data). BTW, if somebody wakes me up at 3:00 a.m. I would name the loss of executive commitment. Yes, DIY SOC tools fail as well.

Technology

Technology CISO Data collection Threat Detection

Cyber Adversary Infrastructure, Explained

Security Boulevard

MAY 24, 2023

HYAS builds correlations and combinations between all the data points in the graph database which drive intelligence and ultimately decisions that link what has happened to what is happening now and what will happen in the future. Data is power. HYAS gives our clients and partners visibility.

Cyber Attacks

Cyber Attacks Phishing Malware Cyber threats

The Best 15 Enterprise Compliance Solutions Tools of 2024

Centraleyes

DECEMBER 1, 2024

HighBond by Diligent HighBond consolidates audit, compliance, risk, and security management into a single platform, with real-time data collection and reporting. The platform’s scalability is frequently highlighted as a key strength.

Risk

Risk B2B Data privacy B2C

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

McAfee

NOVEMBER 12, 2020

Introducing SOCwise a monthly series of blogs, podcasts and talks driven by two highly experienced and devoted security operations professionals. These are just some of the questions we will try to answer in this blog series. The post SOCwise: A Security Operation Center (SOC) Resource to Bookmark appeared first on McAfee Blogs.

Engineering

Engineering Data collection Risk Cyber Risk

Cyber Security Informer

How to Measure Threat Detection Quality for an Organization?

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

Trending Sources

How to Measure Threat Detection Quality for an Organization?

SOC Technology Failures?—?Do They Matter?

Decoupled SIEM: Brilliant or Stupid?

Report Finds Over 50% of Security Practitioners Are Unhappy With Current SIEM Vendor

6 Business functions that will benefit from cybersecurity automation

How your business can benefit from Cybersecurity automation

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

Preparing for IT/OT convergence: Best practices

Mapping Secure Network Analytics (and Cognitive) to NIST CSF Categories and Sub-Categories

More SRE Lessons for SOC: Simplicity Helps Security

Agentic AI: A New Way to Accelerate Your Security Operations

Agentic AI: A New Way to Accelerate Your Security Operations

Drawing the RedLine – Insider Threats in Cybersecurity

The Case for Multi-Vendor Security Integrations

Top 7 Threat Intelligence Platforms for 2024

More SRE Lessons for SOC: Simplicity Helps Security

Top MDR Services for 2021

SOC Technology Failures?—?Do They Matter?

Cyber Adversary Infrastructure, Explained

The Best 15 Enterprise Compliance Solutions Tools of 2024

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

Stay Connected