The new open standard STIX and TAXII 2.1 releases have been approved by OASIS. A new self-certification program should help drive adoption and enable SOC teams to arrive at faster time to detection and time to mitigation.
Orange Polska has released Mixeway, an open source CI/CD security orchestration tool. It needs a lot more work but the GUI and aspiration to correlate vulnerability testing across security tools make it worth taking a look at.
By defining open and transparent network security testing specifications, the leading NGFW vendors supporting NetSecOPEN are looking to usher in a new era in trusted network security testing.
Some telcos are investing in deception technology. According to Attivo Networks, one telco customer found enough unauthorized and malicious behaviour by employees to warrant firing them on the spot. There are telecom infrastructure use cases too.
I took the AT&T Chief Security Office "Security Challenge" at the AT&T Business Summit in Dallas last week. Here's what I made of it.
T-Systems wants to become Europe's largest provider of cyber security services. This HardenStance Briefing looks at how growing market share in the UK is key to achieving that goal.
This White Paper, sponsored by The Cyber Threat Alliance, IBM Security, KPN and Nokia looks at the importance of using Defensive and Incident Response (IR) playbooks as a foundational building block of security automation.
The U.S. District Court for the Northern District of California has dismissed the NSS Labs Anti Trust lawsuit against AMTSO. Thank goodness.
The OpenC2 Forum has approved its first specifications, putting the standard on a footing with which it can scale out into commercial deployments and increase speed and efficiency in cyber security operations.
The NSS Labs apology to CrowdStrike and resolution of their lawsuits is progress as far as it goes. But it still leaves outstanding the NSS antitrust suit against AMTSO.
It's clear from the proof-points offered up in a recent webcast that IBM Security and Cisco are serious about their cyber security alliance. In the near future, though, the partners will disrupt the cyber security market at the margins rather than transforming it.
AI isn't a 'silver bullet' for cyber security, neither does it need to represent unacceptable risk. Drawing on research into the experience of early adopters, this White Paper provides guidance on what to expect from AI in cyber security..