Microsoft unveils AI-powered Security Copilot analysis tool

Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations (SecOps) professionals’ work. Using Microsoft Security Copilot: Security Copilot takes the form of a prompt bar through which security operation center (SOC) analysts ask questions in natural language and receive practical responses. They can ask it to […]


Understanding metrics to measure SOC effectiveness

The security operations center (SOC) plays a critical role in protecting an organization’s assets and reputation by identifying, analyzing, and responding to cyberthreats in a timely and effective manner. SOCs also help improve overall security posture by providing add-on services such as vulnerability identification, inventory tracking, threat intelligence, threat hunting, log management, etc. With […]


Developing an incident response playbook

An incident response playbook is a predefined set of actions to address a specific security incident such as malware infection, violation of security policies, DDoS attack, etc. Its main goal is to enable a large enterprise security team to respond to cyberattacks in a timely and effective manner. Such playbooks help optimize the SOC processes, […]


Most security pros turn to unauthorized AI tools at work

Security experts are increasingly resorting to unauthorized AI tools, possibly because they are unhappy with the level of automation implemented in their organization’s security operation centers (SOCs), according to a study conducted by Wakefield Research. The research demonstrates that embracing automation in cybersecurity leads to significant business benefits, such as addressing talent gaps and effectively […]


Microsoft announces automatic BEC, ransomware attack disruption capabilities

Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite. On Wednesday, it announced that these capabilities will now help organizations disrupt two common attack scenarios: BEC (business email compromise) and human-operated ransomware attacks. Reaction speed is paramount for disrupting attacks: A fast defensive response to initiated cyber attacks […]


Communication between the IT security team and executives | Kaspersky official blog

No company can function properly without good cooperation between senior management and the specialists responsible for the company’s various areas. Obviously, this cooperation requires good communication, which can sometimes be difficult because executives and specialists work in different information bubbles and do not speak […]
