Tim Wenzlau is a Product Manager at Respond Software. He is focused on adding skills to the Respond Analyst, continuously improving the Respond Analyst’s intelligence, visibility, awareness, and user experience. Prior to Respond Software, Tim managed and launched a user behavior product and held various roles in corporate development, strategy, and business operations. Tim holds a degree in Operations Research and Financial Engineering from Princeton University.
Remember 3 C’s Part 2
Welcome to part two of my three-part blog series on the 3C’s (Coverage, Context, and Cost) required for sustainable security monitoring infrastructure. In the last blog, I reviewed the importance of effective Coverage within a modern security operation. Today’s blog will focus on the second “C”—Context. When it comes
Every time I flip a light switch or run water for my daily shower, I’m not thinking of the potential security risks within our power plants or water suppliers. I just take it for granted that the computers working behind the scenes keep things running smoothly. These computers, also known as Industrial Control Systems (ICS),
Cybersecurity is tricky business for the mid-sized enterprise. Attacks targeting mid-sized companies are on the rise, but their security teams are generally resource constrained and have a tough time covering all the potential threats. There are solutions that provide sustainable security infrastructures but the vendor landscape is confusing and difficult to navigate. With smaller teams
We’ve heard repeatedly from security analysts (like those interviewed in Cyentia’s Voice of the Analyst Survey) that event monitoring is time-consuming, boring, and repetitive, that security analysts feel like ticket monkeys interfacing with IT, and only occasionally do they get to do the fun work of threat hunting. But did you know that EPPs (Endpoint
Raffael is currently VP Security Analytics at Sophos and a strategic advisor for Respond Software. Before his current roles, he held positions at Splunk, ArcSight, and IBM, and was the founder of PixlCloud. He is also the author of Applied Security Visualization, the first book on security visualization. The Respond Software team wanted to get Raffy’s expert perspective on visual communication in information security, what measures are necessary to advance security analytics, and his thoughts on analytical vs. subject matter expertise.
Better decisions within a SOC are those that directly support protecting the organization’s brand value and revenue-generating lines of business. SOCs must make tradeoffs and prioritize investigations because security analysts are scarce and cannot look into all possible leads.
Analysts in enterprise Security Operations Centers (SOCs) are a lot like drivers on a long journey. They stare at screens or through windshields for hours on end, trying to identify and respond to any potential threats or hazards. Even the best of them struggle with boredom, fatigue, and frustration. And their own biases and expectations influence the way they interpret the information that comes at them.