Cybersecurity Year in Review
I recently sat down and interviewed Sharat Ganesh, Google Security product marketing leader, and Jonas Kelley, head of Americas MSSP partnerships for...
Want to Optimize Threat Detection & Response? 5 Patterns vs. 500 Rules
One vendor uses 5 patterns, the other uses 500 rules. What’s better?
Anyone who has configured a SIEM or UEBA (e.g., QRadar, Splunk, ArcSight,...
Amp up Security: MITRE’s SOC Strategies Go to 11. But Can We Go Higher?
MITRE strategy 10 says measure performance to improve performance. It’s important to set a baseline of where resources spend their time and energy —...
How to Improve Cross-functional Collaboration Between the SOC and IT?
As MITRE points out in strategy 9 of its 11 Strategies of a World-class Cybersecurity Operations Center, cross-functional communication is key to a...
Single Pane of Glass Gives a Clear View of Security Operations
Previous strategies in MITRE’s 11 Strategies of a World-class Cybersecurity Operations Center stressed the importance of collecting the right data —...
The Goldilocks Principle for Accurate Security Data Collection
Strategy 6 of MITRE’s 11 Strategies of a World-class Cybersecurity Operations Center focuses on cyber threat intelligence (CTI) data. Strategy 7, on...