As many companies around the country begin work-from-home policies, we’re seeing an increase in the number of cybersecurity attacks aimed at end users and end user systems. We know that many IT operations teams – both in-house enterprise teams and Service Providers – are scrambling to implement the technical capabilities and processes to enable a remote workforce.
My last post, entitled “What is SOAR and why is it important”, illustrated why SOAR is needed in the industry alongside faster maturation. If you didn’t catch that one, I’d suggest reading it first for context. With that post as the backdrop, I will now focus on how we can solve the two main issues with traditional SIEM and SOC: response time and expertise, both of which SOAR promises to solve.
Security Orchestration, Automation and Response (SOAR) has been getting a lot of attention recently. I thought it would be good to take a moment and discuss what it is and why it is important to the industry. Gartner was the first to formally define SOAR: “SOAR refers to technologies that enable organizations to collect inputs monitored by the security operations team.
Anyone in the cybersecurity field will tell you that enabling Multi-Factor Authentication is the single most important service to prevent nefarious account take-overs. While this information is true, it is also artificially imputed that with MFA enabled, password security is reduced.
It is 3:00 am and you get a call from your service provider that monitors your network for cybersecurity attacks. These are the calls you dread. The analyst tells you they are seeing a real-time MS-SQL injection attack. The attack is coming from a source in China to one of your servers.
StratoZen espouses a near-zero false positive rate of alerting in our SIEM and SOC as a service environment to our clients. That is a pretty bold statement, one challenged frequently as a result of a misunderstanding. So, what exactly is a false positive?
As I spoke with many CIOs and heads of IT at a recent financial services conference, I realized that these organizations are tired of being told that they need to change out their technology stack, replace the systems and SIEM solutions they have already invested in, or add yet another piece of agent software to the systems.
The best fabric in the world must be custom tailored by an expert to achieve the perfect fit. The Fortinet Security Fabric is a groundbreaking approach to information security, and StratoZen is the custom tailor that makes the Security Fabric fit your business.
The world of cybersecurity has had some fundamental shifts in the past few years that have made the vast majority of companies unprepared for today’s threats. The proliferated use of malware for example has dramatically reduced the intrinsic value of traditional security solutions such as firewalls, IDS/IPS, and anti-virus software.
The term “Go Big or Go Home” was first used by an exhaust system manufacturer in the ‘90s named Porker Pipes who primarily sold to Harley Davidson Motorcycles. The term has been reused, rehashed, and repurposed over and over in the subsequent 20+ years by just about everyone.
A huge industrial fire breaks out at a warehouse in the lower east side of the city. Black smoke billows high into the air which can be seen for miles around as people evacuate to safety. Part of the building collapses and screams can be heard from inside.
Modern information security breaches follow a very specific pattern and most organizations are simply not designed to stop these attacks, and unfortunately not even able to detect them for months and sometimes years later. In short, hackers today use malware rather than direct attacks to compromise organizations like Anthem, Target, Home Depot, JP Morgan Chase, Ebay and most others over the past several years.