Sitdown With a SOC Star: 11 Questions with Cyrus Robinson of Ingalls Information Security

This installment of “Sitdown” shifts from the end-user world to the vendor world, where we schmooze with Ingalls Information Security’s Cyrus Robinson, whose upbringing exposed him to computers and later a stint in the U.S. Air Force got him hooked on cybersecurity.


Security operations center, Part 3: Finding your weakest link

Any organization with data assets is a possible target for an attacker. Hackers use various forms of advanced cyberattack techniques to obtain valuable company data; in fact, a study by the University of Maryland showed that a cyberattack takes place every 39 seconds, or 2,244 times a day on average. This number has increased exponentially since the COVID-19 pandemic forced most employees to work remotely, and drastically increased the attack surface of organizations around the world.


Building a Superstar SOC with Automation and Standardization

When you have a team of security analysts that have a wide range of expertise, knowledge, and experience, it is natural to see the difference in the quality of work performed. One of the biggest challenges that security operation managers face when auditing the work performed is that some team members may execute different steps at different levels of rigor when investigating and remediating threats.


Stories from the SOC - Beaconing Activity

Beaconing analysis is one of the most effective methods for threat hunting on your network. In the world of malware, beaconing is the act of sending regular communications from an infected host to an attacker-controlled host to communicate that the infected host malware is alive and ready for instructions. It is often one of the first indications of a botnet malware infection, so it’s important to spot the beaconing behavior before the infected host can expose data or launch an attack.


Security operations center, Part 2: Life of a SOC analyst

In the first part of this blog series, we saw a brief overview of what a security operations center (SOC) is and how it operates. In this part, we’ll take a look at the typical activities that SOC analysts carry out every day to protect their organization from constantly evolving cyber threats and the skill sets that come in handy in effectively carrying out their duties.


Selecting the Best SOAR Solution Series: Throw the (Play)book at 'Em! (Part 4)

Welcome to Part 4 of our series examining how to select the best security, orchestration, automation and response (SOAR) solution for your business. In Part 1, we defined what SOAR platforms set out to do at their core. In Part 2, we listed the key core competencies that you can expect to find in a SOAR solution. In Part 3, we dove into one of those core competencies: case management. Part 4 will focus on the bread and butter of the SOAR category: playbooks.


How SOAR Helps Service Providers Meet MSSP Challenges, Featuring Forrester Research [Video]

The modern SOC is a hybrid SOC, featuring a blend of in-house and outsourced professionals. For the latter group, security operations is their business, and MSSPs have discovered that SOAR technology provides a slew of benefits, including process consistency, speed and efficiency for analysts, and client collaboration and transparency.

SOCstock 2020 | The Grooviest Event for Security Operations Professionals

Enjoy this sizzle reel recapping the inaugural SOCstock. Dubbed “the grooviest event for security operations,” SOCstock is a world-class virtual event featuring renowned and respected infosec speakers providing attendees with the very latest security operations trends, research and best practices. But it isn't just about what was happening on stage. SOCstock also features funky swag, far-out contests, talented entertainers and more (no mud involved).

Incorporating SOAR into Zero Trust and MITRE ATT&CK: A Conversation With Forrester Research

What happens when two revered security frameworks get a dose of SOAR? Forrester's Joseph Blankenship and Dr. Chase Cunningham join Siemplify CMO Nimmy Reichenberg to assess the role that automation & orchestration play in the Zero Trust and MITRE ATT&CK models.