PCAP, or full packet data capture for analysis, does what it says – it captures the entirety of every packet that comprises the network traffic (both metadata and content). If something happens on the network, PCAP knows about it. Whether it is malware moving data around, or staff arranging a private party, it can be…

Organizations are spending more to account for widespread security operation center (SOC) challenges including growing security management complexity, increasing analyst salaries, security engineering and management outsourcing costs, yet are still dissatisfied with the outcomes, Ponemon Institute and FireEye reveal. Companies are also boosting investments in new SOC tools like Extended Detection and Response (XDR) and…

Organized crime has grown more complex since the turn of the century—coinciding with the rise of the digital world, cybercriminals have leveraged the proliferation of technology to broaden their reach with a more sophisticated network-structured model, effectively globalizing their operations in cyberspace and ultimately allowing cybercriminals to devastate companies and consumers alike. The faster you…

There was a time when companies were hesitant about their IT and security teams using automation to discharge some of their duties. “I think much of that was due to the feeling that if a task was automated and something went wrong, IT was not in control and did not have as much visibility,” Candace…

93% of SOC managers unable to triage all potential threats

In mid-2016, Intel Security commissioned a primary research study to gain a deeper understanding of the ways in which enterprises use SOCs, how they have changed over time, and what they will look like in the future. Interviews with nearly 400 security practitioners across several countries, industries and company sizes yielded valuable information on the…

From Chasing Alerts to Hunting Threats: What Makes an Effective SOC is Evolving

Whether you call it a SOC, a CSOC, a Cyber Defense Center, or something else, security operation centers have the same fundamental mission – to help organizations detect, analyze, respond to, report on, and prevent cyber security incidents. But what it takes to do that effectively has changed in this ever-evolving threat landscape, putting an…