After a long, long, long writing effort … eh … break, we are ready with our 5th Deloitte and Google Cloud Future of the SOC paper “Future of SOC: Transform the ‘How’.”
As a reminder (and I promise you do need it; it has been years…), the previous 4 p
My former “colleagues” have written several serious pieces of research about why a SOC without humans will never happen (“Predict 2025: There Will Never Be an Autonomous SOC”, “The “Autonomous SOC” Is A Pipe Dream”, “Stop Trying To Take Humans
This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Threat Horizons Report, #11 (full version) that we just released (the official blog for #1 report, my unofficial blogs
Imagine walking into a crowded airport where security checks every bag. Some bags trigger an alert and are flagged. Security pauses and asks: “Is this dangerous or just an innocent traveler carrying metal in their pockets?” Now, picture this in the d
Imagine walking down a busy street where pickpockets are lurking. You wouldn't flash your wallet, right? Instead, you'd zip it away, staying one step ahead. That's exactly what the OWASP ModSecurity Core Rule Set (CRS) does for your web applications—
Imagine an old mechanical watch. Tiny gears, springs, and screws work together. No fancy AI, no wireless updates—just pure engineering. Mod Security works the same way. It’s not flashy. It doesn’t rely on cloud intelligence or m
Imagine a busy highway. Cars zoom past, carrying everything from passengers to valuable goods. But not every vehicle should be allowed in. Some might carry dangerous cargo, while others are simply lost. Web Application Firewalls (WAFs) work the same
When you get into a car, the seatbelt is your first line of defense. It's automatic—click it, and you’re safer. But it doesn’t mean you stop watching the road or ignore traffic rules. A seatbelt reduces the impact, but it’s not a magic shield. The sa
Imagine your home guarded by a loyal family dog. It’s friendly, greets your guests, and barks only when a real threat emerges. But what happens when that same dog is suddenly tasked with guarding a high-security vault? It transforms into
Unmasking Threats with Rule Validation and Scoring
Think about securing your home. You’ve installed surveillance cameras, sensors, and even a guard dog. But what happens when someone manages to sneak in? Wouldn’t it be great to have a system that not
The Final Layer of Defense for Web Applications
Imagine having a guard dog that not only watches your house but knows who to bark at and who to ignore. ModSecurity does just that for web applications. But like a smart dog that gets better with traini
Protecting Your Applications with Confidence
Imagine running a high-speed train. Every minute, thousands of passengers board, and you need to ensure they get to their destination safely. But what if 1% of those passengers posed a potential risk? Woul
The recent inadvertent exposure of classified U.S. military plans by top defense and intelligence leaders serves as a stark reminder that even the most capable cybersecurity tools and well-defined policies can be rendered meaningless if ignored or mi
Our editorial team has curated the finest sessions from the CISO Platform Top 100 Awards & Annual Conference 2025—India’s first award ceremony that celebrates those making a meaningful impact in the world of security.
The 16th annual conference was
Imagine this. You’re standing in your kitchen, making toast. Suddenly, you hear a dripping sound. You glance at the sink and notice water pooling around the base. It’s not a flood—yet—but it could be. You investigate the source, tighten a loose pipe,
Every company wants to unlock the magic of cloud data, but it’s not a free ride. Especially with data privacy laws like the Digital Personal Data Protection Act (DPDPA) keeping you accountable. Getting data security right can feel like juggling water
More attacks targeting cryptocurrency users. Microsoft has identified a new Remote Access Trojan, named StilachiRAT, that has sophisticated capabilities to remain stealthy and persistent so it can harvest crypto wallet credentials via web browsers.
Th
ISO 27001 compliance is one of the most recognized international standards for information security management. Organizations worldwide seek certification to protect sensitive data, gain customer trust, and meet regulatory requirements. However, achi
Imagine seeing photos and videos of a massive political rally flooding your social media feed. It looks real—except it never happened. That’s the power of disinformation propaganda: creating false realities that influence thoughts, decisions, and eve
After a day of attending sessions at RSA, join us on a luxury yacht for drinks, food, and live entertainment while enjoying the stunning skyline views, cruising on San Francisco Bay.
Registration Link: Click Here
Location: Doc/Leave from SF/China Basin
