Lucene search
K

26 matches found

Packet Storm News
Packet Storm News
added 2026/05/10 12:0 a.m.18 views

Governing AI-Assisted Security Operations: A Design Science Framework for Operational Decision Support

Engineering managers increasingly must decide how to introduce generative artificial intelligence AI, retrieval-augmented generation, and coding agents into high-risk operational functions without weakening accountability, privacy, cost discipline, or auditability. The central message of this stu...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.9 views

AI-Driven Security Alert Screening and Alert Fatigue Mitigation in Security Operations Centers: A Comprehensive Survey

Security alert screening is the downstream task of filtering, prioritizing, correlating, and contextualizing alerts for analyst attention in Security Operations Centers. This survey reviews artificial-intelligence-driven alert screening and alert-fatigue mitigation from 2015 to 2026. We synthesiz...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.6 views

AsmRAG: LLM-Driven Malware Detection by Retrieving Functionally Similar Assembly Code

Deep learning malware detectors achieve high classification accuracy but suffer from severe interpretability limitations, typically returning probabilistic verdicts that lack forensic context. We introduce AsmRAG, a framework performing malware analysis through Assembly-Level Retrieval-Augmented...

5.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/30 12:0 a.m.5 views

Human-Centered Explainability in AI-Enhanced UI Security Interfaces: Designing Trustworthy Copilots for Cybersecurity Analysts

Artificial intelligence AI copilots are increasingly integrated into enterprise cybersecurity platforms to assist analysts in threat detection, triage, and remediation. However, the effectiveness of these systems depends not only on the accuracy of underlying models but also on the degree to whic...

5.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/03 11:56 a.m.5 views

The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations

Security Operations Centers SOC today are overwhelmed. Analysts handle thousands of alerts every day, spending much time chasing false positives and adjusting detection rules reactively. SOCs often lack the environmental context and relevant threat intelligence needed to quickly verify which aler...

6.5AI score
Exploits0
HackRead
HackRead
added 2025/10/14 10:44 a.m.3 views

How Top SOCs Stay Up-to-Date on Current Threat Landscape

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...

6.8AI score
Exploits0
HackRead
HackRead
added 2025/09/23 10:9 a.m.5 views

How Major SOCs Achieve Early Threat Detection in 3 Steps

Every SOC leader understands that faster threat detection is better. But the difference between knowing it and building…...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/13 12:0 a.m.4 views

Large Language Models for Security Operations Centers: a Comprehensive Survey

Large Language Models LLMs have emerged as powerful tools capable of understanding and generating human-like text, offering transformative potential across diverse domains. The Security Operations Center SOC, responsible for safeguarding digital infrastructure, represents one of these domains. SO...

6.8AI score
Exploits0
HackRead
HackRead
added 2025/08/06 10:57 a.m.4 views

How Top SOCs Defend Against Emerging Threats with Live Attack Data

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/07/31 10:0 a.m.5 views

Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs

Security Operations Centers SOCs are stretched to their limits. Log volumes are surging, threat landscapes are growing more complex, and security teams are chronically understaffed. Analysts face a daily battle with alert noise, fragmented tools, and incomplete data visibility. At the same time,...

7.6AI score
Exploits0
HackRead
HackRead
added 2025/07/01 10:15 a.m.5 views

How SOCs Improve Key Cybersecurity KPIs with Better Threat Analysis

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/06/13 10:30 a.m.22 views

CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk

Introduction: Security at a Tipping Point Security Operations Centers SOCs were built for a different era, one defined by perimeter-based thinking, known threats, and manageable alert volumes. But today's threat landscape doesn't play by those rules. The sheer volume of telemetry, overlapping...

7.7AI score
Exploits0
Securelist
Securelist
added 2025/04/16 10:0 a.m.10 views

Streamlining detection engineering in security operation centers

Security operations centers SOCs exist to protect organizations from cyberthreats by detecting and responding to attacks in real time. They play a crucial role in preventing security breaches by detecting adversary activity at every stage of an attack, working to minimize damage and enabling an...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/08 11:0 a.m.20 views

Agentic AI in the SOC - Dawn of Autonomous Alert Triage

Security Operations Centers SOCs today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a go-to solution, the...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/06/13 1:0 p.m.10 views

Rapid7 Infuses Generative AI into the InsightPlatform to Supercharge SecOps and Augment MDR Services

In the ever-evolving landscape of cybersecurity, staying ahead of threats is not just a goal—it's a necessity. At Rapid7, we are pioneering the infusion of artificial intelligence AI into our platform and service offerings, transforming the way security operations centers SOCs around the globe...

7.1AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/03/30 2:53 p.m.15 views

Demystifying XDR: The Time for Implementation Is Now

In previous installments of our conversation with Forrester Analyst Allie Mellen on all things extended detection and response XDR, she helped us understand not only the foundations of the product category and its relationship with security information and event management SIEM, but also the role...

Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/01/18 3:53 p.m.10 views

2022 Planning: Metrics That Matter and Curtailing the Cobra Effect

During the British rule of India, the British government became concerned about the number of cobras in the city of Delhi. The ambitious bureaucrats came up with what they thought was the perfect solution, and they issued a bounty for cobra skins. The plan worked wonderfully at first, as cobra...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/01/28 5:0 p.m.162 views

ZINC attacks against security researchers

In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive securit...

8.5AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/09/21 4:0 p.m.25 views

Vectra and Microsoft join forces to step up detection and response

This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Click here to learn more about MISA. Traditional security operations center SOC processes typically involve a wide variety of disparate event notification tools that force overworked analysts to battl...

0.2AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2020/07/29 1:52 p.m.40 views

Carbon Black EDR’s All-New Live Query Capability and Enhanced Fileless Visibility

VMware Carbon Black is excited to announce that VMware Carbon Black EDR formerly CB Response, recently named by Gartner as a 2020 Customers’ Choice for Endpoint Detection and Response solutions, now features enhanced insight into fileless activity via Microsoft’s AMSI and a brand new Live Query...

1.1AI score
Exploits0
Rows per page
Query Builder