11 Jul
Eight factors you should evaluate when prioritizing security alerts
Quantifying and scoring individual security alert are important for security teams to effectively prioritize security tasks. Common scoring mechanisms are the Common Vulnerability Scoring System (CVSS). It is an open framework for communicating the characteristics and severity of software vulnerabilities, owned and managed by FIRST.Org. NIST publishes the Base metrics in the National Vulnerability Database
09 Nov
Addressing Noisy Security Detections – A Complete Solution
Noisy security detections Modern cybersecurity teams are overwhelmed with alerts from a variety of systems such as SIEM, cloud, SaaS application, network, endpoint, etc. Many teams receive hundreds/thousands of alerts every day and large enterprises can receive millions daily. Security analysts are annoyed by repetitive false positives and are extremely concerned about false negatives caused
22 Sep
The Gap between Security Detections and Response
The evolution of the Security Operation Center(SOC) Security Information and Event Management Platform (SIEM) have gradually become the center of SOC center. It creates a variety of interesting security detections(alerts) that security analysts have to respond to. Usually, a tier 1 analyst performs the initial triage of SIEM alerts and escalates high-priority ones to tier
17 Sep
Security Alert Fatigue
Security alerts are signals that are generated by security vendors or security analysts on certain things that are suspicious. A “False Positive” alert occurs when the security system mislabeled a non-malicious activity as an attack. Security alerts are overwhelming SOC centers today, most of which are false positives. In a recent report provided by Forrester,
Recent Posts
Recent Posts
Recent Comments
Leveraging AI To Reduce Risk of Ransomware
Top 5 free tools to defend against Ransomware Attack - AI-Based Analysis and Response