Articles about SOC

The security operations center (SOC) has long relied on traditional SOAR platforms to manage incidents, but today’s threat landscape is moving too fast for rigid, static approaches. As attackers use AI to evolve their tactics, security teams need smarter, more adaptive systems to keep up.

We spoke to Tom Findling, co-founder and CEO of Conifers.ai, about how AI-powered SOC platforms are helping organizations scale their defenses, improve threat detection, and move from reactive alert management to proactive risk reduction.

Continue reading →

A new survey from Gurucul in collaboration with Cybersecurity Insiders finds that 87 percent of respondents are deploying, piloting or evaluating AI-powered SOC tools, but only 31 percent are using them across core detection and response workflows.

The study, based on responses from over 700 cybersecurity leaders around the world, finds human and identity risks are still a major concern. 78 percent of security leaders identify social engineering and phishing as their top threat, followed closely by identity-based attacks (73 percent). However, 67 percent say they still lack visibility into access behavior and lateral movement.

Continue reading →

As cybersecurity threats grow more sophisticated and relentless, the role of the Security Operations Center (SOC) has never been more critical.

In response organizations are re-imagining their SOCs to address the dual challenges of an evolving threat landscape and a shifting workforce dynamic. We spoke to Scott Scheppers, chief experience officer at LevelBlue to find out more about this shift and how SOC teams are pivotal in safeguarding operations, fostering innovation, and mentoring the next generation of cybersecurity talent.

Continue reading →

A new report from Abnormal AI shows cybersecurity leaders and frontline analysts agree that artificial intelligence is now central to the future of the security operations center (SOC).

The report, titled Human-Centered AI: Redefining the Modern SOC, is based on a survey of nearly 500 professionals across the United States and United Kingdom and reveals that every respondent sees AI as the top business priority for the SOC.

Continue reading →

With new threats such as AI-powered attacks, enterprises must be fully prepared and confident about protecting themselves and their customers and build a unified security operations center (SOC) that combines human expertise with AI advancements.

A new report from Splunk looks at the mounting challenges faced by SOCs. It uncovers the pain points that hamper organizations and open their doors to threats -- 46 percent of respondents say they spend more time maintaining tools than defending the organization, while only 11 percent trust AI completely for mission-critical tasks. Furthermore, 66 percent experienced a data breach in the past year, making it the most common security incident.

Continue reading →

Cyberattackers are targeting holidays and weekends to cause maximum disruption, yet many businesses remain underprepared outside of standard working hours.

A new report from Semperis, based on a survey of almost 1,000 cybersecurity professionals, shows that 86 percent of surveyed organizations in the US, UK, France and Germany that were attacked were targeted during a holiday or weekend.

Continue reading →

A new report from Red Canary finds 87 percent of respondents have been impacted by a security incident they were unable to detect and neutralize in the past year, resulting in data compromise, outages, fines, audit failures and reputational damage.

Based on a study of 700 cybersecurity leaders it finds 73 percent say their attack surface has widened in the past two years, by an average of 77 percent, with 64 percent admitting to having knowledge deficits around securing new technologies.

Continue reading →

A new survey of 900 full-time security decision-makers and practitioners around the world finds that 55 percent of respondents say they're likely to switch jobs in the next year.

The Voice of the SOC report, from secure workflow specialist Tines, shows that 63 percent of the security decision-makers and practitioners surveyed are experiencing burnout amid relentless cyberattacks, internal pressures, and limited resources.

Continue reading →

Security Information and Event Management (SIEM) platforms are the centerpiece of many organization's security controls, but if these products aren't configured correctly they will produce too many false positives to be useful, and can even make overall threat detection worse.

Security analysts need to trust that their SIEM is detecting threats accurately. We spoke to Sanjay Raja from security analytics company Gurucul to discuss how SIEMs can be configured to offer accurate detection.

Continue reading →

A new survey of over 2,000 IT security analysts finds that 71 percent admit their organization may have been compromised and they don't know about it yet.

The study, from Vectra AI, details how analysts are being overwhelmed, as they receive 4,484 alerts on average per day, but can't cope with 67 percent of them. This leads 97 percent to worry that they'll miss important security events.

Continue reading →

Security Operations Centers (SOCs) aim to detect, investigate, remediate, and restore organizational systems to a fully functional, secure state, whether it's defending against insider threats, data exfiltration attempts, or malware attacks.

However, examining the daily issues faced by many SOCs reveals a concerning array of challenges that place increasing pressure on the work of SOCs and the dedicated professionals who manage them.

Continue reading →

Building a security operations center (SOC) is a tall feat. With the global technology talent shortage estimated at 85 million workers by 2030, it is clear that talent is, and will continue to be, hard to find.

Organizations must learn to create a SOC in an adaptable way that makes scaling to meet varying demands of clients simple while addressing the cybersecurity talent shortage. Special considerations should be made regarding tool selection, proper staffing, organizational needs and performing a gap/risk analysis utilizing outside consultation when applicable. Let’s explore a few best practices.

Continue reading →