news
PagerDuty for Security Operations unifies DevSecOps teams
PagerDuty, a global leader in digital operations management, has announced PagerDuty for Security Operations.
This solution for security and developer teams introduces a comprehensive set of new and existing security-focused integrations from PagerDuty’s broader partner ecosystem.
Teams can leverage their security tool-chain with PagerDuty’s extensive best practices for security incident response and for sharing security accountability.
With PagerDuty for Security Operations, development and operations engineers can now bring security professionals onto a common platform to reduce risk, enabling them to resolve security alerts faster.
To better support the security requirements of its customers, PagerDuty for Security Operations features more than 25 new and existing integrations, across a robust security ecosystem, including:
• Security information and event management (SIEM) (Sumo Logic, LogRhythm, Logz.io, AlienVault an AT&T Company)
• Security orchestration, automation and response (SOAR) (Demisto, Swimlane, Cybersponse, DFLabs)
• Threat intelligence, cloud and application security (Twistlock, Threat Stack, Aqua Security, Templarbit, Signal Sciences)
• Endpoint and network security, vulnerability management (Expel, Nucleus)
• Cloud compliance (CloudGuard Dome9 from Check Point)
FIREEYE REPORT FINDS ORGANISATIONS ARE IDENTIFYING ATTACKER ACTIVITY FASTER
FireEye, the intelligence-led security company, has released the Mandiant M-Trends 2019 report. The report shares statistics and insights gleaned from Mandiant investigations around the globe in 2018.
Key findings include:
• Dwell time decreasing as organisations improve detection capabilities – In 2017, the median duration between the start of an intrusion and the identification by an internal team was 57.5 days. In 2018 this duration decreased to 50.5 days.
• Nation-state threat actors are continuing to evolve and change – Through ongoing tracking of threat actors from North Korea, Russia, China, Iran and other countries, FireEye has observed these actors continually enhancing their capabilities and changing their targets in alignment with their political and economic agendas.
• Attackers are becoming increasingly persistent – FireEye data provides evidence that organisations which have been victims of a targeted compromise are likely to be targeted again. Global data from 2018 found that 64% of all FireEye managed detection and response customers who were previously Mandiant incident response clients were targeted again in the past 19 months by the same or similarly motivated attack group, up from 56% in 2017.
• Many attack vectors used to get to targets, including M&A activity – Attacker activity touches countries across the globe. Among them, FireEye observed an increase in compromises through phishing attacks during mergers and acquisitions (M&A) activity.
Visit fireeye.com/current-threats/annual-threat-report/mtrends.html to download the full report.
Issue 12 | www.intelligentciso.com