Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-26007)
Summary: IBM Security SOAR uses an older version of the cryptography component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.9.2. Vulnerability Details: CVEID: CVE-2026-26007 DESCRIPTION:...
Criminal IP Integrates with IBM QRadar to Deliver Real-Time Threat Intelligence Across SIEM and SOAR
Torrance, United States / California, 9th February 2026, CyberNewswire...
Agentic AI in SOCs: A Solution to SOAR's Unfulfilled Promises
Security Orchestration, Automation, and Response (SOAR) was introduced with the promise of revolutionizing Security Operations Centers (SOCs) through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of technology and 10 years of advancements, SOAR...
Scaling Security Operations with Automation
In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when combatting these threats, making it difficult to keep up with the growing number of security incidents...
Hive Pro Achieves ISO/IEC 27001: 2022 Certification
Hive Pro has achieved ISO 27001: 2022 Certification, Demonstrating A Continuous Commitment to Excellence in Information Security August 8th, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market, is thrilled to announce that they have successfully attained ISO 27001:202...
Fortinet FortiSOAR Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Fortinet FortiSOAR, a security orchestration, automation and response (SOAR) solution from Fortinet, Inc. input fields of various components within FortiSOAR to inject HTML tags...
Fortinet FortiSOAR Access Control Error Vulnerability (CNVD-2023-02490)
Fortinet FortiSOAR is a security orchestration, automation and response (SOAR) solution from Fortinet, Inc. An access control error vulnerability exists in Fortinet FortiSOAR, stemming from a lack of authentication, which could be exploited by an attacker to compromise information by logging into t...
Prioritizing XDR in 2023: Stronger Detection and Response With Less Complexity
As we get closer to closing out 2022, the talk in the market continues to swirl around extended detection and response (XDR) solutions. What are they? What are the benefits? Should my team adopt XDR, and if yes, how do we evaluate vendors to determine the best approach? While there continue to be...
Five Steps to Integrating a Data Repository Vulnerability Assessment Into A WAF–Driven Vulnerability Management Program
A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates if the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed. There are...
Palo Alto Networks Cortex XSOAR Security Vulnerability
Palo Alto Networks Cortex XSOAR is a software application from Palo Alto Networks, USA. It provides a security orchestration, automation and response platform with threat intelligence management and a built-in marketplace. A security vulnerability exists in Palo Alto Networks Cortex XSOAR that...
Fortinet FortiSOAR Access Control Error Vulnerability
Fortinet FortiSOAR is a Security Orchestration, Automation and Response (SOAR) solution from Fortinet U.S.A. An access control error vulnerability exists in Fortinet FortiSOAR, which stems from an application access restriction error that could be exploited by a remote, unauthenticated attacker to...
Automating your Microsoft security suite with D3 XGEN SOAR
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. There are certain pain points in the average security operations center (SOC) that, no matter what else changes in the security landscape, stay among the most entrenched problems. You...
InsightIDR Was XDR Before XDR Was Even a Thing: An Origin Story
An origin story explains who you are and why. Spiderman has one. So do you. Rapid7 began building InsightIDR in 2013. It was the year Yahoo’s epic data breach exposed the names, dates of birth, passwords, and security questions and answers of 3 billion users. Back then, security professionals...
Cutting Through the Noise from Daily Alerts
According to a survey run on IR and SOC teams, analysts are required to keep track of an average of 6.8 threat intelligence feeds and manually handle an excessive number of alerts. The average security operations team receives over 11,000 alerts per day. Most of an analyst’s time (almost 70%) is...
MDR Vendor Must-Haves, Part 10: Included Security Orchestration and Automation
This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights, check out our guide, “10 Things Your MDR Service Must Do.” Cybersecurity teams continue to be challenged by resource constraints and disconnected toolsets. One method of...
IBM Resilient Command Injection Vulnerability
IBM Resilient is an incident response platform from IBM. The platform supports functions such as incident response process orchestration and incident management. A security vulnerability exists in IBM Resilient SOAR that allows a privileged user to create malicious scripts that can be execut...
A week in security (September 30 – October 6)
Last week on Malwarebytes Labs, Malwarebytes renewed its pledge to fight stalkerware for National Cybersecurity Awareness (NCSA) and Domestic Violence Awareness Month. We also looked into what security orchestration is and reported about partnering with security firm, HYAS, to determine the...
How security orchestration improves detection and response
Working together in perfect harmony like the wind and percussion sections of a symphony orchestra requires both rigorous practice and a skilled conductor. Wouldn’t it be great if our cybersecurity solutions did the same to better protect organizations? The methods and tools used to accomplish thi...
Announcing New CB ThreatHunter App for Phantom
Today’s cybersecurity landscape is facing multiple challenges - and not just from cyber attackers. Security teams are understaffed and struggling to find the talent they need to complete their day-to-day tasks, with limited visibility across their security stack. To address these challenges, SOC...
Partner Perspectives: Accelerated Alert Handling from Syncurity and Carbon Black
JP Bourget is the Founder and CSO of Syncurity. One of the key Security Orchestration, Automation and Response (SOAR) use cases I see every day is alert handling. As more and more organizations adopt EDR solutions, like those offered by Carbon Black, Syncurity IR-Flow is able to speed up the alert...