387 matches found
What Is Security Control Validation? A Practical Guide
A fully-stocked security arsenal can create a dangerous false sense of security. You might have the best technology on the market, but misconfigurations, policy gaps, or a lack of integration can leave you just as exposed as having no tools at all. Relying on a defense that only looks good on pap...
cyber-security-lab-soc-vapt-beginner
Cyber Security Practice Lab — Beginner SOC + VAPT This begin...
CVE-2025-13428
A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution RCE in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...
Changing the physics of cyber defense
The Deputy CISO blog series is whereMicrosoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...
CVE-2025-13428 RCE in SecOps SOAR server via user-provided Python packages
A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution RCE in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...
Fiber Utils 安全特征问题漏洞
Fiber Utils is a general-purpose function library in the Fiber open source. A security feature issue vulnerability exists in Fiber Utils 2.0.0-rc.3 and earlier versions, which stems from the return of a predictable UUID on failure of the random number generator, which could lead to compromised...
PT-2025-49804
A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution RCE in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...
When Your $2M Security Detection Fails: Can your SOC Save You?
Enterprises today are expected to have at least 6-8 detection tools, as detection is considered a standard investment and the first line of defense. Yet security leaders struggle to justify dedicating resources further down the alert lifecycle to their superiors. As a result, most organizations'...
Charting the future of SOC: Human and AI collaboration for better security
Security operations centers are under pressure from unprecedented scale and complexity. Speed, precision, and consistency matter more than ever, and AI is everywhere—but hype alone doesn’t solve the challenge. This blog shares our journey and insights from building autonomous AI agents for MDR...
Charting the future of SOC: Human and AI collaboration for better security
Security operations centers are under pressure from unprecedented scale and complexity. Speed, precision, and consistency matter more than ever, and AI is everywhere—but hype alone doesn’t solve the challenge. This blog shares our journey and insights from building autonomous AI agents for MDR...
3 SOC Challenges You Need to Solve Before 2026
2026 will mark a pivotal shift in cybersecurity. Threat actors are moving from experimenting with AI to making it their primary weapon, using it to scale attacks, automate reconnaissance, and craft hyper-realistic social engineering campaigns. The Storm on the Horizon Global world instability,...
Randomized Controlled Trials for Phishing Triage Agent
Security operations centers SOCs face a persistent challenge: efficiently triaging a high volume of user-reported phishing emails while maintaining robust protection against threats. This paper presents the first randomized controlled trial RCT evaluating the impact of a domain-specific AI agent ...
Empower and Accelerate Your SOC with the Wiz SecOps AI Agent
Meet the SecOps AI Agent: AI-powered threat triage built on the Wiz platform. Investigate every threat with speed and transparency...
Why SOC Burnout Can Be Avoided: Practical Steps
Behind every alert is an analyst; tired eyes scanning dashboards, long nights spent on false positives, and the constant fear of missing something big. It's no surprise that many SOCs face burnout before they face their next breach. But this doesn't have to be the norm. The path out isn't through...
Learn what generative AI can do for your security operations center
The busier security teams get, the harder it can be to understand the full impact of false positives, queue clutter, tool fragmentation, and more. But what is clear—it all adds up to increased fatigue and an increased potential to miss the cyberthreats that matter most. To help security teams...
Learn what generative AI can do for your security operations center
The busier security teams get, the harder it can be to understand the full impact of false positives, queue clutter, tool fragmentation, and more. But what is clear—it all adds up to increased fatigue and an increased potential to miss the cyberthreats that matter most. To help security teams...
The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations
Security Operations Centers SOC today are overwhelmed. Analysts handle thousands of alerts every day, spending much time chasing false positives and adjusting detection rules reactively. SOCs often lack the environmental context and relevant threat intelligence needed to quickly verify which aler...
How are you managing cloud risk?
Learn why managing cloud risk demands unified visibility, continuous risk assessment, and efficient security operations. Discover how a full-featured CNAPP like Trend Vision One™ Cloud Security enables organizations to move from reactive to proactive cloud protection...
Why Early Threat Detection Is a Must for Long-Term Business Growth
In cybersecurity, speed isn't just a win — it's a multiplier. The faster you learn about emerging threats, the faster you adapt your defenses, the less damage you suffer, and the more confidently your business keeps scaling. Early threat detection isn't about preventing a breach someday: it's abo...
Securing AI to Benefit from AI
Artificial intelligence AI holds tremendous promise for improving cyber defense and making the lives of security practitioners easier. It can help teams cut through alert fatigue, spot patterns faster, and bring a level of scale that human analysts alone can't match. But realizing that potential...