Security analytics and automation

Security analytics and automation provide enterprises the data needed to help defend against a barrage of cyber threats. A toolkit combining threat intelligence sharing and services with SIEM and SOAR systems as well as threat hunting is key to success.

September 29, 2021 29 Sep'21
Group-IB CEO Ilya Sachkov charged with treason in Russia

Group-IB maintains the innocence of CEO and founder Ilya Sachkov and said that co-founder and CTO Dmitry Volkov will assume leadership of the company.
February 05, 2021 05 Feb'21
Risk & Repeat: Diving into the dark web

This week's Risk & Repeat podcast discusses the state of the dark web in 2021, how it has changed and what enterprises should know about the threats that exist there.
May 11, 2020 11 May'20
Volunteers join forces to tackle COVID-19 security threats

The COVID-19 Cyber Threat Coalition has amassed approximately 4,000 volunteers from the infosec community to monitor, analyze and block pandemic-themed threats across the globe.
February 24, 2020 24 Feb'20
Cisco launches SecureX platform for integrated security

At RSA Conference 2020, Cisco unveiled SecureX, which integrates the vendor's security portfolio into a single platform with enhanced visibility and automation.

Bring yourself up to speed with our introductory content

Elastic Stack Security tutorial: How to create detection rules

This excerpt from 'Threat Hunting with Elastic Stack' provides step-by-step instructions to create detection rules and monitor network security events data. Continue Reading
SIEM vs. SOAR vs. XDR: Evaluate the differences

SIEM, SOAR and XDR share similar definitions, but each has distinct drawbacks. Learn what each offers and how they differ for help deciding which to deploy in your company. Continue Reading
SOAR vs. SIEM: What's the difference?

When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Elastic Security app enables affordable threat hunting

New to threat hunting in cybersecurity? Consider using the open code Elastic Stack suite to gather security event data and create visualizations for decision-makers. Continue Reading
How to evaluate and deploy an XDR platform

Not all extended detection and response platforms are created equal. Don't take the XDR plunge before knowing exactly what to look for in an XDR platform. Continue Reading
5 cyber threat intelligence feeds to evaluate

Cyber threat intelligence feeds help organizations up their security game. While the 'best' feeds vary depending on a company's needs, here are five leading services to consider. Continue Reading

Learn to apply best practices and optimize your operations.

Start managing with these Microsoft Graph API features

Microsoft Graph offers several administrative advantages when handling jobs on Microsoft 365 and Azure AD, but be aware of some potential trouble spots when employing this technology. Continue Reading
Adopting threat hunting techniques, tactics and strategy

Adopt threat hunting techniques that analyze the right data, detect anomalies, use frameworks and compare success metrics, combining manual techniques with AI and machine learning. Continue Reading
How to get actionable threat intelligence from tech tools

Even advanced threat intelligence tools can't do it all alone. Learn what it takes to parse actionable insights from the information that threat intelligence feeds gather. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to address and prevent security alert fatigue

An influx of false positive security alerts can lead infosec pros to overlook real threats. Learn how to avoid security alert fatigue and avoid its potential consequences. Continue Reading
DHS-led agency works to visualize, share cyber-risk information

A Department of Homeland Security initiative strives to improve cybersecurity information sharing between the public and private sector, but familiar challenges remain. Continue Reading
IT sabotage: Identifying and preventing insider threats

Preventing IT sabotage from insider threats can be a challenge. Peter Sullivan explains how enterprises should monitor for characteristics of insider threat behavior. Continue Reading