Experts say attempting to replace deterministic tools and human analysts with AI could cost companies more.
Tag: analysts
AI, Global Security News
FIFA domain registrations surge ahead of 2026 World Cup, signaling fraud risks
CSC analysts identified over 65,590 domains with “FIFA” registered between January 2022 and April 2026, none of which were registered by FIFA itself.
AI, Global Security News, malware, Network Security
The behavioral signals that sharpen Trojan malware detection
Malware analysts spend a lot of time deciding which signals from a sandbox run are worth keeping. A sample executed in a controlled environment can generate hundreds of measurable attributes covering file structure, registry edits, process behavior, and network traffic. Most of those attributes add noise. A recent study works through this problem in detail,…
AI, APAC, Apps, Cloud Security, Compliance, Data Breaches, Data Security, Endpoint, Global Security News, Network Security, Risk Management
6 Best Cloud Log Management Services Reviewed in 2026
This guide is for security teams, SOC analysts, DevOps engineers, and IT administrators looking to improve cloud visibility, threat detection, and operational monitoring in 2026. It reviews the best cloud log management services, key platform features, and important factors to consider when selecting the right solution for your environment. Key Takeaways of Cloud Log Management…
AI, Global Security News
The alert economy is driving security analyst burnout
In this Help Net Security video, Ido Livneh, CEO of Jazz, explains why security analysts burn out and what leaders can do about it. The cause, he argues, is not long hours but meaningless work. Analysts spend their days closing repetitive tickets while the institutional knowledge of senior staff walks out the door when they…
AI, APAC, Compliance, Cybersecurity, Global Security News, Government & Policy, malware, Network Security, Risk Management
How Can MSSPs Scale Threat Detection Without Burning Out Their Analysts?
Scaling threat detection as an MSSP doesn’t mean hiring more analysts — it means enabling the analysts you already have to handle more clients, more alerts, and more complex threats without burning out. The practical path forward combines three capabilities: continuous real-time intelligence that keeps detection systems current automatically, instant IOC investigation that cuts triage…
AI, Cloud Security, Cybersecurity, Endpoint, Global Security News, malware, Risk Management
ANY.RUN & Elastic Security: Bring Threat Intelligence into Detection and Investigation Workflows
Security teams don’t lack data. They lack timely, usable intelligence. Analysts spend too much time validating indicators, switching between tools, and figuring out what actually matters. This introduces delays and puts organizations at risk of a missed incident. ANY.RUN solves this by bringing real-time, behavior-validated threat intelligence from ANY.RUN integrated into Elastic Security, where SOC and MSSP teams detect emerging cyberattacks earlier and respond faster without…
AI, Global Security News
Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of AI agents is accelerating, outpacing maturity of governance policy controls.” Enterprise leaders can request access to the Gartner Market Guide…
Global Security News
Microsoft Reports Strong Cloud Growth, but Questions About AI Returns Persist
Sales reached $82.9 billion in the January-to-March quarter, exceeding Wall Street analysts’ expectations.
AI, Global Security News, Risk Management
Ping Identity Warns of Emerging Authorisation Risks as AI Agents Scale Across Enterprises
COMPANY NEWS: New KuppingerCole Analysts research, commissioned by Ping Identity, defines how enterprises can govern AI agents at runtime to close emerging authorization gaps
AI, Compliance, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management
10 ChatGPT Prompts L1 SOC Analysts Can Use in Their Daily Work
Security operations center (SOC) analysts are expected to process a constant stream of alerts — often under tight response timelines. At the same time, they are expected to investigate accurately, document clearly, and communicate findings to both technical and non-technical stakeholders. This is where generative artificial intelligence (GenAI) tools such as ChatGPT can be helpful.…
AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
OAuth Device Code Phishing: A New Microsoft 365 Account Breach Vector
ANY.RUN’s analysts are observing a sharp increase in phishing activity abusing Microsoft’s OAuth Device Code flow, with more than 180 phishing URLs detected in just one week. This technique represents a shift from credential phishing to token-based account takeover, making detection significantly harder for many SOC teams. Key Takeaways OAuth Device Code phishing is rising rapidly. Campaigns abusing Microsoft’s Device…
AI, Global Security News
Cisco Live Amsterdam 2026: Using Agentic AI to shed light to SOC operations
Empowering SOC analysts with Agentic AI capabilities can significantly reduce mean-time-to-respond. The blog provides insights into how we make this possible, with examples and statistics.
AI, Global Security News
March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
Developers and analysts are using more AI tools to produce code and to test both the performance and security of the finished products. They are also embedding AI functionality in their products directly. But just how secure are these AI tools and routines themselves? Recent reports show they suffer from vulnerabilities just like any other…
Global Security News
Claude Code Security Shows Promise, Not Perfection
Claude Code’s introduction rippled across the stock market, but researchers and analysts say its impact was overstated, as they peel back the layers.
AI, Global Security News
Microsoft Defender update lets SOC teams manage, vet response tools
Microsoft introduced library management in Microsoft Defender to help security analysts working with live response manage scripts and tools they use to triage, investigate and remediate threats. The library management interface allows analysts to organize their investigation tools and manage everything without waiting for an active session. “This enhancement in Defender’s live response tooling improves…
Global Security News, Security
How to Automate AWS Incident Investigation with Tines and AI
Cloud incidents drag on when analysts have to leave cases to hunt through AWS consoles and CLIs. Tines shows how automated agents pull AWS CLI data directly into cases, reducing MTTR and manual investigation work. […]
Black Hat, Cisco Breach Protection, Cisco Secure Access, Cisco Security Cloud, Endpoint, Global Security News, Network Security, Security
Continuous Improvement at Black Hat Europe: Listen to Your Analysts! (They Know What They Need)
When security analysts lack endpoint context, identifying the root cause of a network connection is difficult. Discover how a simple automation workflow enriched XDR incidents with DNS data in minutes.
