#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

SOC Automation | Breaking Cybersecurity News | The Hacker News

How to Use Tines's SOC Automation Capability Matrix

How to Use Tines's SOC Automation Capability Matrix

Feb 23, 2024 SOC Automation / Security Operation
Created by John Tuckner and the team at workflow and automation platform  Tines , the  SOC Automation Capability Matrix (SOC ACM)  is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.  A customizable, vendor-agnostic tool featuring lists of automation opportunities, it's been shared and recommended by members of the security community since its launch in January 2023, notably by Airbnb engineer Allyn Stott in his BSides and Black Hat talk,  How I Learned to Stop Worrying and Build a Modern Detection & Response Program .   The SOC ACM has been compared to the MITRE ATT&CK and RE&CT frameworks, with one user saying, "it could be a standard for classification of SOAR automations, a bit like the RE&CT framework, but with more automation focus." It's been used by organizations in Fintech, Cloud Security, and beyond, as a basis for assessing and optimizing their securi
4 Places to Supercharge Your SOC with Automation

4 Places to Supercharge Your SOC with Automation

Jan 17, 2023 Security Automation / SOC Platform
It's no secret that the job of SOC teams continues to become increasingly difficult. Increased volume and sophistication of attacks are plaguing under-resourced teams with false positives and analyst burnout. However, like many other industries, cybersecurity is now beginning to lean on and benefit from advancements in automation to not only maintain the status quo, but to attain better security outcomes. Automation across multiple phases of the SOC workflow The need for automation is clear, and it is apparent that it is becoming table stakes for the industry. Of all cyber resilient organizations, IBM estimates that  62%  have deployed automation, AI and machine learning tools and processes.  Up until now, much of these advancements in automation have been focused on response, with SOAR and incident response tools playing an instrumental role in tackling the most urgent phase of the SOC workflow.  Centering the focus only on response, however, means we're treating the sym
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Cybersecurity Resources