SOC

Skills Shortage: The Intelligent Application of Force Multipliers

Many organizations struggle to staff and maintain security operation teams due to a serious shortage of skilled security analysts. The struggle isn’t just about filling open roles; it is equally hard to drive the needed productivity of the resources already in house to make sure the alert that matters doesn’t go unnoticed. Both new and…

Turbocharge your Threat Detection and Response with Endpoint Data

In 1860, Belgian inventor Jean Joseph Etienne Lenoir created a gas-fired internal combustion engine; it was the first internal combustion engine to be mass-produced in large numbers. The design wasn’t perfect by any means, but it was a large step forward, and countless engineers have continued to iterate on the concept even to this present…

The Myth of the Easy Button Approach to Information Security

By: Wes Riley and Erik Heuser In twenty plus years navigating the complexities of the information security (InfoSec) industry a common theme emerges: the fascination with creating the digital panacea, or Easy Button. Marketing departments highlight their product in the best light possible and tell you it will solve all your InfoSec headaches. Years of…

Metrics (Not Just Fun Facts!) Are key to driving a Business-Driven Security™ Strategy

Dave Gray & Azeem Aleem “What’s Measured Improves” Peter Drucker It’s mid-2017 and we have already witnessed the conundrum across organizations as the pressure of building a more efficient business creates loopholes for cyber criminals to gain an advantage. In a previous blog we talked about the traditional perimeter melting away and how the “not…

Failure to Communicate: Why SOCs Fail!

I’ve had the privilege of working in a few different SOCs at various maturity levels ranging from the stony shores of regulatory compliance – “Yes, we have a security solution”, to the deep shark-infested waters of a global enterprise under frequent attack by nation state-sponsored attack groups. Throughout all of these different engagements, I’ve worked…

Chasing the Rabbit: Cybersecurity Through the Camera Lens

Azeem Aleem and Dave Gray Nothing will work if you are not serious about it – Sam Abell This blog is intended to take a different perspective (pun intended) of how we view our security platforms and how to go about rationalizing our Business-Driven Security™ decisions about cyber threats and mitigation strategies. It all comes…

Black Hat Asia NOC: Malware visibility

By Chris Thomas and Mike Sconzo In the Black Hat Asia NOC we worked to ensure the wireless network was available for presenters and attendees. As part of our monitoring, we kept an eye open for any malware present on the network. RSA NetWitness® Suite’s Malware Detection capabilities look for network sessions containing file-types typically…

The evolution of a Threat Pattern

In an era of agile development and digital transformation, any application is subject to ongoing enhancement and improvement. Indeed, software engineering is a complex process with many interdependent tasks where multiple functions share responsibilities to strike a balance between software quality and business objectives, regardless of the specialized nature of the teams within the organizational…

The Latest From The RSA NOC At Black Hat Asia

When sitting in the Network Operations Center (NOC) for one of the world’s largest hacker and security conferences, sometimes no news is good news. Here in the Black Hat Asia NOC, we anticipated and prepared for the region’s hackers to come and share a wireless network. Following initial set-up, during the training days, we observed…

Testing a Threat Pattern: Quality is Never an Accident

John Ruskin, one of the great visionaries of the 19th century, said “Quality is never an accident; it is always the result of intelligent effort”, in our continuing journey through the lifecycle of a threat pattern, we are now at the testing phase. After analyzing  requirements, asset and threats, designing a general and reusable model for the threat pattern and implementing the…