The Broken Physics of Remediation
The race most security programs are built around — patch faster than the attacker can exploit — was designed for a threat landscape that no…
Category: ThreatIntelligence-IncidentResponse
The Rise of Managed Risk Operations: How the New Qualys mROC Portal Helps Partners Scale the Risk Operations Center
Key Takeaways The mROC Portal acts as a portfolio-wide command center, giving partners unified visibility into high-risk customer environments, active threats, and critical exposures to…
Investigating from the Endpoint Across Your Environment with Elastic Security XDR — Elastic Security Labs
Preamble Security investigations rarely stay confined to a single host. Today’s attackers increasingly use automation and AI to compress multi-stage attacks into minutes, turning what…
When and Where SIEM Fits in Healthcare IT Settings
It’s hard to open Google or check the latest headlines without seeing news of yet another breach—and that’s just the ones that actually make the…
Managing AI security: Don’t overlook identities, code & cloud data
AI isn’t just moving fast. It’s creating new attack paths. Cyber teams must now manage vulnerabilities – and their ramifications throughout their IT environments –…
Streamlining the Security Analyst Experience — Elastic Security Labs
The term Agentic SOC (Security Operations Center) is one of the most popular concepts in security today. But what does it truly mean in practice,…
From Vision to Real-time Threat Intelligence: TruLens for ETM
Peer benchmarks, exposure timing, and threat actor insight, orchestrated by agentic AI to turn TruRisk into decisions you can defend. When we first outlined the…
How Managed SIEM Helps Decode Compliance
Compliance can often feel like traffic laws. Street signs, speed limits, and signals aren’t just cute roadside decorations. They help ensure safe travel and the…
Supercharge Your SOC — Elastic Security Labs
Preamble The landscape of cybersecurity is evolving, and the role of the Detection Engineer (DE) is more critical and demanding than ever. Traditionally, this role…
2024: Revisiting a Year in Threats
Before you pop the bubbly and count down to a new year, let’s reminisce for a moment. Looking back on the past 365 days, it…
Exploring Package Tracking Smishing Scams
Have you recently received a text message urging you to take action to avoid a negative outcome? Maybe you’ve just been informed you have an…
Cleo Software Actively Being Exploited in the Wild CVE-2024-55956
CVE-2024-55956 Summary On December 3, Huntress identified an emerging threat involving Cleo’s LexiCom, VLTransfer, and Harmony software, commonly used to manage file transfers. We’ve directly…