Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-26007)

Summary IBM Security SOAR uses an older version of the cryptography component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2 Vulnerability Details CVEID:CVE-2026-26007 DESCRIPTION:...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-25639)

Summary IBM Security SOAR uses an older version of the Axios component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.0 Vulnerability Details CVEID:CVE-2026-25639 DESCRIPTION: Axios is...

Criminal IP Integrates with IBM QRadar to Deliver Real-Time Threat Intelligence Across SIEM and SOAR

Torrance, United States / California, 9th February 2026, CyberNewswire...

Google SecOps SOAR Server 安全漏洞

Google SecOps SOAR Server is a security platform from Google, Inc USA. A security vulnerability exists in Google SecOps SOAR Server version 6.3.54.0, 6.3.53.2, and all previous versions, which stems from a path traversal issue in the archive extraction component that could lead to remote code...

Toward an Intent-Based and Ontology-Driven Autonomic Security Response in Security Orchestration Automation and Response

Modern Security Orchestration, Automation, and Response SOAR platforms must rapidly adapt to continuously evolving cyber attacks. Intent-Based Networking has emerged as a promising paradigm for cyber attack mitigation through high-level declarative intents, which offer greater flexibility and...

Logpoint 安全漏洞

Logpoint is a network security application from the Danish company Logpoint. A security vulnerability exists in Logpoint versions prior to 7.5.0 that stems from SOAR's use of static JWT keys to generate tokens that allow an attacker to access SOAR API endpoints without authentication...

Agentic AI in SOCs: A Solution to SOAR's Unfulfilled Promises

Security Orchestration, Automation, and Response SOAR was introduced with the promise of revolutionizing Security Operations Centers SOCs through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of technology and 10 years of advancements, SOAR...

Scaling Security Operations with Automation

In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when combatting these threats, making it difficult to keep up with the growing number of security incidents...

Hive Pro Achieves ISO/IEC 27001: 2022 Certification

Hive Pro has achieved ISO 27001: 2022 Certification, Demonstrating A Continuous Commitment to Excellence in Information Security August 8th, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market, is thrilled to announce that they have successfully attained ISO 27001:202...

Fortinet FortiSOAR Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Fortinet FortiSOAR, a security orchestration, automation and response SOAR solution from Fortinet, Inc. input fields of various components within FortiSOAR to inject HTML tags...

Fortinet FortiSOAR Access Control Error Vulnerability (CNVD-2023-02490)

Fortinet FortiSOAR is a security orchestration, automation and response SOAR solution from Fortinet, Inc. An access control error vulnerability exists in Fortinet FortiSOAR, stemming from a lack of authentication, which could be exploited by an attacker to compromise information by logging into t...

Prioritizing XDR in 2023: Stronger Detection and Response With Less Complexity

As we get closer to closing out 2022, the talk in the market continues to swirl around extended detection and response XDR solutions. What are they? What are the benefits? Should my team adopt XDR, and if yes, how do we evaluate vendors to determine the best approach? While there continue to be...

Five Steps to Integrating a Data Repository Vulnerability Assessment Into A WAF–Driven Vulnerability Management Program

A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed. There are...

Deploying a SOAR Tool Doesn’t Have to Be Hard: I’ve Done It Twice

As the senior information security engineer at Brooks, an international running shoe and apparel company, I can appreciate the challenge of launching a security orchestration, automation, and response SOAR tool for the first time. I’ve done it at two different companies, so I’ll share some lesson...

Palo Alto Networks Cortex XSOAR 安全漏洞

Palo Alto Networks Cortex XSOAR is a software application from Palo Alto Networks, USA. It provides a security orchestration, automation and response platform with threat intelligence management and a built-in marketplace. A security vulnerability exists in Palo Alto Networks Cortex XSOAR that...

Fortinet FortiSOAR Access Control Error Vulnerability

Fortinet FortiSOAR is a Security Orchestration, Automation and Response SOAR solution from Fortinet U.S.A. An access control error vulnerability exists in Fortinet FortiSOAR, which stems from an application access restriction error that could be exploited by a remote, unauthenticated attacker to...

Automating your Microsoft security suite with D3 XGEN SOAR

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. There are certain pain points in the average security operations center SOC that, no matter what else changes in the security landscape, stay among the most entrenched problems. You...

Automating your Microsoft security suite with D3 XGEN SOAR

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. There are certain pain points in the average security operations center SOC that, no matter what else changes in the security landscape, stay among the most entrenched problems. You...

7Rapid Questions: Stephen Donnelly

At Rapid7, there's no shortage of passionate leaders looking to challenge convention and make an impact. Our "7Rapid Questions" series is a way to highlight some of the amazing work taking place behind the scenes, and the exciting growth opportunities available in our global offices. For this...

How Open Systems uses Microsoft tools to improve security maturity

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. We’ve all seen it happen—an organization has all the top-notch security tools in place and still, they get breached. In today’s rapidly evolving threat landscape, complexity leads to...