Articles about cyber incident investigations

When investigating an incident to contain and remediate a threat, security teams need to understand complex attack patterns, such as malware gestation, score, and sprawl -- the answers to which all lie in the data and systems.

To help with this process Druva is releasing Dru Investigate, a GenAI-powered tool that guides data security investigations using a natural language interface.

Continue reading →

The rapid deployment of cloud resources has led to misconfigurations and security risks, leaving security teams scrambling to adapt and secure their businesses following migrations away from traditional on-premises environments.

Despite successfully enhancing prevention and detection in the cloud, organizations now face a significant challenge in assessing the true scope and impact of issues that do arise.

Continue reading →

Cloud security company Sysdig is launching a new, enhanced cloud-native investigation process designed to cut incident analysis time to just five minutes.

By visualizing a given incident in the Sysdig Cloud Attack Graph, security analysts can gain a dynamic view of the relationships between resources for a better understanding of the killchain and potential lateral movement across a cloud environment.

Continue reading →

Downtime-producing incidents such as application outages and service degradation are putting organizations at risk of losing up to $499,999 per hour on average, so it's no surprise they're turning to AI to help their responses.

A new State of DevOps Automation and AI report from Transposit shows 84.5 percent of respondents either believe AI can significantly streamline their incident management processes and improve overall efficiency or are excited about the opportunities AI presents for automating certain aspects of incident management.

Continue reading →

Investigation of information security incidents is the last stage of enterprise protection and one of its most important parts, helping to minimize the damage caused by hackers and build defenses to prevent future incidents. The investigation assists in evaluating the security of the company's IT infrastructure and in formulating recommendations for its enhancement.

Incident investigation is a crucial component of any enterprise's information security framework. Merely monitoring the work of the security tools is not enough, as security incidents are happening all the time. Without a proper response to these incidents, the enterprise, in effect, lacks adequate information security protection.

Continue reading →