Incident Response
SEC Cyber Incident Reporting Rules Pressure IT Security Leaders
As the SEC gets tough on businesses' cybersecurity posture, IT security leaders will need to beef up incident response plans ...
Security Boulevard
How to Build a Phishing Playbook Part 2: Wireframing
Kartik Subramanian, Engineering | Cybersecurity Containment Strategies, Cybersecurity Recovery Actions, Cybersecurity Workflow Design, Email Authentication Techniques, Incident Response, Incident Response Stages, Phishing Investigation Techniques, Phishing Playbook Automation, Phishing Triage and Enrichment, Smart SOAR Integration, SOAR, Wireframing Security Processes
Welcome back to our series on automating phishing investigation and response with playbooks in Smart SOAR. This is a four-part series covering preparation, wireframing, development, and testing. In this part, we’ll be ...
Advancing SOAR Technology: Key 2023 Updates in Incident Response Automation
Pierre Noujeim | Advanced Analytics, Automation, Cybersecurity, Incident Response, MSSP Solutions, MSSPs, Playbook Customization, Role-Based Access Control, security integration, SOAR, SOAR technology, user experience
In 2023, we’ve achieved a remarkable milestone in the cybersecurity landscape by securing 70% of our new business from security teams eager to upgrade from their existing Security Orchestration, Automation, and Response ...
What’s New in Smart SOAR (December 2023 Release)
Casper Leung | Automation, Incident Response, orchestration, Playbook Editor, SBN News, Smart SOAR, SOAR, tenant-management, utility commands
Our latest update to Smart SOAR brings many enhancements that provide a more nuanced control over incident management and tenant operations. Key updates include a redesigned Playbook Editor with a new task ...
CACTUS Qlik Ransomware: Vulnerabilities Exploited
Wajahat Raja | Analytics Software, Arctic Wolf, BI Systems, BITS, CACTUS Qlik Ransomware, CVEs, Cyberattack Campaign, Cybersecurity, Cybersecurity News, Data Visualization, Double Extortion, Exploits, HTTP Tunneling, Incident Response, ManageEngine UMES, patching, path traversal, powershell, Qlik Sense, ransomware tactics, Rclone, RDP, Remote Code Execution, Security Vulnerabilities, Sophos Endpoint Security, threat actors, VPN Appliance Flaws, WizTree
A cyberattack campaign dubbed the CACTUS Qlik Ransomware has become prominent in ransomware attacks on BI systems. Researchers have warned of threat actors exploiting three Qlik security vulnerabilities to target different organizations ...
How Data Ingestion Works in SOAR
Flora Zhang, Engineering | API Integration, Cybersecurity, Data Ingestion, Endpoint security, Incident Response, Network Security, Pull Requests, Security Automation, SOAR, Webhooks
SOAR tools work as consolidation platforms for security alerts and incident response. Endpoint security tools, network security tools, email systems, and other tools collect logs, run detection rules and generate alerts. SOAR ...
5 Security Benefits of Application Mapping
Gilad David Maayan | application mapping, Application Security, AppSec, Incident Response, vulnerability
Application mapping can have many advantages for organizations managing complex IT infrastructure, not the least of which is security ...
How to Build a Phishing Playbook Part 1: Preparation
Kartik Subramanian, Engineering | Active Directory, Checkpoint Firewall, CrowdStrike, Cybersecurity, Incident Response, Office 365 Integration, OSINT, Phishing Attacks, Recorded Future, SOAR, SOAR platform
Automating response to phishing attacks remains one of the core use-cases of SOAR platforms. In 2022, the Anti-Phishing Working Group (APWG) logged ~4.7 million phishing attacks. Since 2019, the number of phishing ...
Trend Micro Adds AI Tool While Extending CNAPP Reach
Michael Vizard | Cloud Security, Cloud-Native Security, cnapp, generative AI, Incident Response, Trend Micro
Trend Micro's generative AI tool, Trend Companion, leverages natural language to reduce toil by bringing context to alerts and reducing incident investigation times ...
How to Achieve Holistic Security Measurement in Detection, Investigation, and Response
Achieving a holistic view of security operations performance is essential for organizations to make informed decisions and demonstrate the impact on business outcomes. Most cybersecurity metrics available come from individual security tools ...