Operationalize cyber risk quantification for smart security

Organizations constantly face new tactics from cyber criminals who aim to compromise their most valuable assets. Yet despite evolving techniques, many security leaders still rely on subjective terms, such as low, medium and high, to communicate and manage cyber risk. These vague terms do not convey the necessary detail or insight to produce actionable outcomes […]

The post Operationalize cyber risk quantification for smart security appeared first on Security Intelligence.

Pentesting vs. Pentesting as a Service: Which is better?

In today’s quickly evolving cybersecurity landscape, organizations constantly seek the most effective ways to secure their digital assets. Penetration testing (pentesting) has emerged as a leading solution for identifying potential system vulnerabilities while closing security gaps that can lead to an attack. At the same time, a newer entrant into the security arena is Pentesting […]

The post Pentesting vs. Pentesting as a Service: Which is better? appeared first on Security Intelligence.

How I got started: Attack surface management

As the threat landscape multiplies in sophistication and complexity, new roles in cybersecurity are presenting themselves more frequently than ever before. For example, attack surface management. These cybersecurity professionals are responsible for identifying, mapping and securing all external digital assets an organization owns or is connected to. This includes servers, domains, cloud assets and any […]

The post How I got started: Attack surface management appeared first on Security Intelligence.

X-Force uncovers global NetScaler Gateway credential harvesting campaign

This post was made possible through the contributions of Bastien Lardy and Ruben Castillo. In September of 2023, X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials. The […]

The post X-Force uncovers global NetScaler Gateway credential harvesting campaign appeared first on Security Intelligence.

Does your security program suffer from piecemeal detection and response?

Piecemeal Detection and Response (PDR) can manifest in various ways. The most common symptoms of PDR include: multiple security information and event management (SIEM) tools (e.g., one on-premise and one in the cloud); spending too much time or energy on integrating detection systems; an underperforming security orchestration, automation and response (SOAR) system; only capable of […]

The post Does your security program suffer from piecemeal detection and response? appeared first on Security Intelligence.

How I got started: SIEM engineer

As careers in cybersecurity become increasingly specialized, Security Information and Event Management (SIEM) engineers are playing a more prominent role. These professionals are like forensic specialists but are also on the front lines protecting sensitive information from the relentless onslaught of cyber threats. SIEM engineers meticulously monitor, analyze and manage security events and incidents […]

The post How I got started: SIEM engineer appeared first on Security Intelligence.

How IBM secures the U.S. Open

More than 15 million tennis fans around the world visited the US Open app and website this year, checking scores, poring over statistics and watching highlights from hundreds of matches over the two weeks of the tournament. To help develop this world-class digital experience, IBM Consulting worked closely with the USTA, developing powerful generative AI […]

The post How IBM secures the U.S. Open appeared first on Security Intelligence.

From Caribbean shores to your devices: analyzing Cuba ransomware

The article analyzes the malicious tactics, techniques and procedures (TTPs) used by the operator of the Cuba ransomware, and details a Cuba attack incident.

Machine learning operations can revolutionize cybersecurity

Machine learning operations (MLOps) refers to the practices and tools employed to streamline the deployment, management and monitoring of machine learning models in production environments. While MLOps is commonly associated with data science and machine learning workflows, its integration with cybersecurity brings new capabilities to detect and respond to threats in real-time. It involves streamlining […]

The post Machine learning operations can revolutionize cybersecurity appeared first on Security Intelligence.

Zero-day attacks are on the rise. Can patches keep up?

That latest cyberattack threatening your organization is likely coming from outside the corporate network. According to Mandiant’s M-Trends 2023 report, 63% of breaches came from an outside entity — a considerable rise from 47% the year before. When it comes to how intruders are getting into the network, it depends on the organization’s location. Spearphishing […]

The post Zero-day attacks are on the rise. Can patches keep up? appeared first on Security Intelligence.
