Mean Time to Exploit Has Gone Negative. Security Strategy Has to Change.

Mandiant's M-Trends 2026 report puts estimated mean time to exploit at negative seven days. That number should reset how security leaders think about vulnerability management. It means exploitation is now routinely occurring ...
RSAC 2026 Innovation Sandbox | Humanix: People-Oriented Social Engineering Attack Detection and Response

Company Profile: Humanix (see Figure 1) is a cybersecurity company focusing on human-centric threat detection and response, dedicated to protecting enterprises from social engineering attacks against “people”, headquartered in the San Francisco ...

The Seam in Cybersecurity Defenses That Nation-States Keep Exploiting

The Notepad++ supply chain compromise is the latest proof that sophisticated adversaries are deliberately targeting the gap between two disciplines: vulnerability management and detection and response. ...
Security Boulevard
Modern SecOps: What an AI-ready SOC actually means with Anton Chuvakin

Beyond “Is Your SOC AI Ready?” Plan the Journey!

You read the “AI-ready SOC pillars” blog, but you still see a lot of this: Bungled AI SOC transition. How do we do better? Let’s go through all 5 pillars aka readiness dimensions and see what we ...
Anton’s Alert Fatigue: The Study

Mention “alert fatigue” to a SOC analyst. They would immediately recognize what you are talking about. Now, take your time machine to 2002. Find a SOC analyst (much fewer of those around, ...

Three ‘Must Solve’ Challenges Hindering Cloud-Native Detection and Response

As security teams level up to support the cloud-native transition, three major issues keep impeding detection and response in the cloud ...
HPE Infuses AI Into Network Detection and Response Platform

Hewlett Packard Enterprise (HPE) this week at the Black Hat USA 2024 conference extended its network detection and response (NDR) capabilities that make use of artificial intelligence (AI) models to enable behavioral ...
Frameworks for DE-Friendly CTI (Part 5)

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#5 in the series), we will build a quick “framework-lite” for ...
Threat-informed or Threat-owned? Classic Practices Will Probably Save You!

So, if you are too busy to read our amazing (duh!) new blog “Revisiting Traditional Security Advice for Modern Threats”, here are the key ideas from it. At some point, a “pre-owned” (compromised before ...
New Report “State of Cloud Threat Detection and Response”

Cloud D&R Report (2023): One of the mysteries of detection and response (D&R) is about how companies really approach D&R in the public cloud. So we did a survey focused on this, and we ...