Microsoft unveils AI-powered Security Copilot analysis tool

Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations (SecOps) professionals’ work. Using Microsoft Security Copilot Security Copilot takes the form of a prompt bar through which security operation center (SOC) analysts ask questions in natural language and receive practical responses. They can ask it to […]

Continue Reading

Microsoft announces Microsoft Incident Response Retainer

Microsoft has introduced Microsoft Incident Response Retainer, allowing customers to pre-pay and count on help from Microsoft incident responders before, during and after a cybersecurity crisis. Cybersecurity challenges faced by organizations Organizations are facing numerous cyber attacks that can negatively affect their finances and reputation. Firms, especially small ones, often don’t have dedicated teams that […]

Continue Reading

CISA releases free tool for detecting malicious activity in Microsoft cloud environments

Network defenders searching for malicious activity in their Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) cloud environments have a new free solution at their disposal: Untitled Goose Tool. Released by the Cybersecurity and Infrastructure Security Agency (CISA), it is an open-source tool that allows users to export and review logs, alerts, configurations, […]

Continue Reading

Understanding metrics to measure SOC effectiveness

The security operations center (SOC) plays a critical role in protecting an organization’s assets and reputation by identifying, analyzing, and responding to cyberthreats in a timely and effective manner. Additionally, SOCs also help to improve overall security posture by providing add-on services like vulnerability identification, inventory tracking, threat intelligence, threat hunting, log management, etc. With […]

Continue Reading

Developing an incident response playbook

An incident response playbook is a predefined set of actions to address a specific security incident such as malware infection, violation of security policies, DDoS attack, etc. Its main goal is to enable a large enterprise security team to respond to cyberattacks in a timely and effective manner. Such playbooks help optimize the SOC processes, […]

Continue Reading