HackDig : Dig high-quality web security articles

The Journey to Simplicity: User Experience in Security

Keeping an organization secure is no easy task, especially with the explosion in cloud adoption and digital transformation against a backdrop of increasingly dangerous threats and threat actors. We can all recite the challenges that security teams struggle with — too many solutions, not enough people, not enough visibility. With the average organization dep
Publish At:2020-06-10 11:12 | Read:798 | Comments:0 | Tags:Security Intelligence & Analytics Threat Hunting Design Thin

A Guide to Easy and Effective Threat Modeling

Threat modeling is a process by which potential threats can be identified, enumerated and prioritized, all from a hypothetical attacker’s point of view. The purpose of threat modeling is to provide defenders with a systematic analysis of the probable attacker’s profile, the most likely attack vectors and the assets most desired by an attacker. Ef
Publish At:2020-02-27 09:41 | Read:1967 | Comments:0 | Tags:Application Security Security Intelligence & Analytics Appli

The Case for Integrating Dark Web Intelligence Into Your Daily Operations

Some of the best intelligence an operator or decision-maker can obtain comes straight from the belly of the beast. That’s why dark web intelligence can be incredibly valuable to your security operations center (SOC). By leveraging this critical information, operators can gain a better understanding of the tactics, techniques and procedures (TTPs) emplo
Publish At:2020-02-09 10:30 | Read:1299 | Comments:0 | Tags:Risk Management Security Intelligence & Analytics Artificial

Seven Steps to Improve Your Security Operations and Response

It’s hard to escape the reality that every day, cyberthreats morph and expand, escalating the need to improve and tighten security operations and response practices. While it may feel overwhelming, there are ways to help level the playing field. Cognitive computing and machine learning are new technologies that can empower security practitioners to foc
Publish At:2017-09-05 09:35 | Read:5407 | Comments:0 | Tags:CISO Cognitive Endpoint Incident Response Security Intellige

Security Monitoring and Analytics: Moving Beyond the SIEM

This is the final installment in a three-part series. Be sure to read Part 1 and Part 2 for more information. Improving integration, visibility and analytics with a platform approach to security information and event management (SIEM) is the means to the business value of security, compliance and operational efficiency. Security teams are operating in an
Publish At:2017-08-21 15:05 | Read:4288 | Comments:0 | Tags:Security Intelligence & Analytics Security Analytics Securit

Not Enough Hours in the Day? Respond Faster With Automated, Intelligent Security Analytics

When you work in the cybersecurity industry, the skills shortage isn’t just a news topic — it’s a serious business challenge. How can security teams defend against cybercriminals and their ever-evolving attack techniques when they’re significantly outnumbered? How can they successfully dig through millions of events across dozens of point s
Publish At:2017-08-16 09:00 | Read:4255 | Comments:0 | Tags:Cognitive Security Intelligence & Analytics Analytics Cognit

Security Monitoring and Analytics: Faster Time to Action

This is the second installment in a three-part series. Be sure to read the first installment for more information. In highlighting the difference between tools and platforms for security monitoring and analytics initiatives, one of the biggest benefits of a platform approach is that it lets your security analysts be analysts instead of researchers. Download
Publish At:2017-08-14 16:56 | Read:4196 | Comments:0 | Tags:Security Intelligence & Analytics IBM QRadar Security Intell

Security Monitoring and Analytics: From Tools to Platforms

Janus, the ancient Roman god of beginnings and endings — from which we get the name for January, the first month of the calendar year — was depicted as having two faces: one looking backward and one looking forward. In the context of time, it can be argued that security monitoring and analytics initiatives are the Janus of contemporary cybersecurity. LetR
Publish At:2017-08-07 21:55 | Read:4283 | Comments:0 | Tags:Security Intelligence & Analytics Incident Forensics Securit

Monitor Your Network for NotPetya in Real Time

The cyberthreat intelligence (CTI) community has not yet agreed on attribution for the threat actor behind the NotPetya malware, but it is actively investigating. The apparent objective of NotPetya is to destroy infected computers, not necessarily to hold data ransom. Hopefully, you have already invested in solid backups. But when it comes to further manag
Publish At:2017-07-19 08:05 | Read:4911 | Comments:0 | Tags:Security Intelligence & Analytics IBM QRadar Security Intell

Preventative Medicine: Get a Health Check for Your SIEM

As a child, I used to dread going for my annual checkup. Whether it was the anxiety of receiving shots or being poked and prodded, the lollipop at the end never really made up for the angst beforehand. With age comes wisdom, however, and I now understand why a health check is important for the human body to function properly. In a security scenario, a health
Publish At:2017-07-12 10:20 | Read:3951 | Comments:0 | Tags:Security Intelligence & Analytics IBM QRadar SIEM IBM Securi

Using SIEM Solutions to Connect the Security Dots and Detect Ransomware

Many companies, organizations, groups and individuals who are vigilant in the face of new cyberthreats create highly advanced detection and prevention systems to help potential victims identify and remediate security events as quickly as possible. While these controlling, monitoring and alerting mechanisms can be used in isolation, their true value lies in
Publish At:2017-07-07 01:30 | Read:6094 | Comments:0 | Tags:Security Intelligence & Analytics IBM QRadar SIEM Malware Ra

Spot (and Remedy) the Rotten Apple Before It Spoils the SIEM Barrel

We all have heard the proverb: One rotten apple can spoil the whole barrel. This also applies to many practical scenarios in our day-to-day life, like finding a stinky sock in a pile of fresh laundry. Similarly, in a security operations center (SOC), one of the tasks security analysts spend most of their time on is identifying and detecting the actual threa
Publish At:2017-07-05 12:40 | Read:4739 | Comments:0 | Tags:Incident Response Security Intelligence & Analytics Collabor

The Emergence of Virtual Reality and Augmented Reality in the Security Operations Center

Organizations are increasingly clustering their skills and capabilities into security operations centers (SOCs). An SOC is a focused facility where security specialists monitor, assess and defend against computer security issues. Introducing virtual reality (VR) and augmented reality (AR) technology into this environment can enhance the team’s performa
Publish At:2017-07-03 23:50 | Read:4834 | Comments:0 | Tags:Security Intelligence & Analytics IBM QRadar SIEM Security I

Avoiding Security Hype, the Hazard From Hollywood

If it’s summer, it must be Hollywood blockbuster season. Disaster! Horror! Explosions! Supervillains! But in the corporate world, it’s summer blockbuster season year-round. Networks of zombie bots! Twisted teenage genius hackers! The chills and thrills are dramatic, and they make for easy presentations. Give the audience enough explosions, and
Publish At:2017-06-06 08:50 | Read:4311 | Comments:0 | Tags:CISO Chief Information Security Officer (CISO) Cybersecurity

Using Security Intelligence to Detect Insider Threats From Cloud-Based Applications

Microsoft Office 365 is popular — very popular. In 2016, Gartner reported that 78 percent of enterprises surveyed used or planned to use Office 365. With access to a range of user activity events from a variety of sources, including Exchange Online, SharePoint Online and Azure Directory, how can Office 365 administrators correlate all this valuable data wit
Publish At:2017-05-26 08:10 | Read:5545 | Comments:0 | Tags:Cloud Security Data Protection Identity & Access Security In