Security Boulevard
MY TAKE: Here’s why Donald Trump really needs to fully embrace Joe Biden’s cybersecurity EO
As one of his final official acts, President Joe Biden issued a landmark directive, addressing the evolving challenges posed by cyber threats while charting a strategic course toward a more secure digital ecosystem.
Related: How Trump views of AI, …
The post MY TAKE: Here’s why Donald Trump really needs to fully embrace Joe Biden’s cybersecurity EO first appeared on The Last Watchdog.
The post MY TAKE: Here’s why Donald Trump really needs to fully embrace Joe Biden’s cybersecurity EO appeared first on Security Boulevard.
Considerations for Selecting the Best API Authentication Option
Implementing API authentication is one of the most critical stages of API design and development. Properly implemented authentication protects data, user privacy, and other resources while streamlining compliance, preventing fraud, and establishing accountability. In fact, broken authentication is one of the leading causes of API-related breaches. Ultimately, by applying robust authentication mechanisms, organizations can dramatically [...]
The post Considerations for Selecting the Best API Authentication Option appeared first on Wallarm.
Meta Ditches Fact-Checking for Community Notes, RedNote and the TikTok Ban
In this episode, we explore Meta’s recent decision to replace traditional fact-checking with community notes and its potential impact on misinformation. We also discuss the implications of a TikTok ban in the U.S., with users migrating to similar apps like RedNote. The conversation covers the challenges of maintaining reliable information in social media and the […]
The post Meta Ditches Fact-Checking for Community Notes, RedNote and the TikTok Ban appeared first on Shared Security Podcast.
NSFOCUS Included in External Threat Intelligence Service Providers Landscape Q1 2025
Santa Clara, Calif. January 20, 2025 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced that it has been included in the Forrester report, The External Threat Intelligence Service Providers Landscape, Q1 2025 among Notable Providers recently. This is the second time for NSFOCUS to be included in this report, as we have […]
The post NSFOCUS Included in External Threat Intelligence Service Providers Landscape Q1 2025 appeared first on NSFOCUS, Inc., a global network and cyber security leader that protects enterprises and carriers from advanced cyber attacks.
DEF CON 32 – Exposing The Occultations In Large Off-Grid Solar Systems
Authors/Presenters: Dan Berte & Alexandru Lazar
Our sincere appreciation to DEF CON and the Authors/Presenters for publishing their erudite DEF CON 32 content, originating from the conference’s events at the Las Vegas Convention Center and available via the organization’s YouTube channel.
Legends of Music: Celebrating the Greatest Artists Across Generations Compilation
Adam Ant, AD Rock, Alan Parsons, Aldo Nova, Alex Lifeson, Andrew Gold, Angus Young, Barbra Streisand, Barry Gibb, Barry White, Benjamin Orr, Barry Goudreau, Beyoncé Knowles-Carter, Bill Wyman, Billy Gibbons, Billy Preston, Billy Squier, Björn Ulvaeus, Bob Casale, Bob Dylan, Bobby Kimball, Boy George, Brad Delp, Brian May, Bruce Dickinson, Carmine Appice, Carol Kaye, Charlie […]
Confident Cybersecurity: Essentials for Every Business
Are Businesses Truly Prepared for Today’s Cybersecurity Challenges? With the transition to a digital majority, company networks are continuously at risk, and potential breaches are growing more severe each day. So, how well-prepared is the average business when it comes to cybersecurity essentials? Business Cybersecurity: More Than Just Firewalls and Antivirus One critical aspect of […]
The post Confident Cybersecurity: Essentials for Every Business appeared first on Entro.
Proactively Managing Cloud Identities to Prevent Breaches
What Role Does Proactive Handling of Cloud Identities Play in Avoiding Breaches? As cybersecurity experts, we are vested in the responsibility of providing guidance and oversight to other professionals in the cybersecurity sphere. A topic that has been gaining traction in recent years is Non-Human Identities (NHIs) and Secrets Security Management. NHIs are machine identities […]
The post Proactively Managing Cloud Identities to Prevent Breaches appeared first on Entro.
How Secure Is Your PAM Strategy?
Is Your PAM Strategy as Secure as You Think? It’s a common question asked in board meetings and by cybersecurity teams: Is our Privileged Access Management (PAM) truly safe? A secure PAM strategy is vital to any business’s cybersecurity infrastructure, but the complexity often leads to blind spots. Non-Human Identities (NHIs) and their associated Secrets […]
The post How Secure Is Your PAM Strategy? appeared first on Entro.
DEF CON 32 – Breaking Boundaries: Popping Shells In The Airgap With $10 & Arduino Magic
Author/Presenter: Daniel Beard
Our sincere appreciation to DEF CON and the Authors/Presenters for publishing their erudite DEF CON 32 content, originating from the conference’s events at the Las Vegas Convention Center and available via the organization’s YouTube channel.
Cyber Essentials NHS and Healthcare Organisations
What is Cyber Essentials? Cyber Essentials scheme is a UK government-backed initiative designed to help organisations, large or small, shield themselves from common cyber threats. It outlines a straightforward set of technical security controls that, when appropriately implemented, can reduce an organisation’s attack surface. This is particularly vital for NHS and healthcare organisations. They handle […]
Trump’s Digital Footprint: Unveiling Malicious Campaigns Amid Political Milestones
As the political landscape heats up, so does the activity in the cyber threat domain. High-profile events such as inaugurations often become a prime opportunity for cybercriminals to launch malicious campaigns. With Trump’s upcoming inauguration on January 20th, our research sheds light on the digital threats tied to such politically charged events, focusing on previous […]
The post Trump’s Digital Footprint: Unveiling Malicious Campaigns Amid Political Milestones appeared first on VERITI.
How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots
The ticketing industry is under constant threat from malicious bots, with bad actors targeting these platforms for financial gain. Bots accounted for 31.1% of all traffic to entertainment platforms in 2024, with attacks ranging from scalping and credential stuffing to carding operations. When one public museum experienced a surge in fraudulent transactions, they turned to […]
The post How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots appeared first on Blog.
A Brief Guide for Dealing with ‘Humanless SOC’ Idiots
My former “colleagues” have written several serious pieces of research about why a SOC without humans will never happen (“Predict 2025: There Will Never Be an Autonomous SOC”, “The “Autonomous SOC” Is A Pipe Dream”, “Stop Trying To Take Humans Out Of Security Operations”). But I wanted to write a funny companion to this called “How to Talk to Idiots Who Believe in ‘Humanless SOC’.” Here it is, but it is definitely a rant and not technical guidance, mind you.
I think most of us will encounter people who believe that a Security Operations Center (SOC) fully staffed by machines and with no humans anywhere will actually happen. Now, I think those people are delusional, but it is interesting to try to study those delusions. Try to psychoanalyze them, perhaps. Maybe this points to some suppressed childhood trauma, I dunno…
Years ago, I had an old and wise mentor who explained everything weird in the (human) universe by a unique (for each occurrence) blend of two forces: corruption and stupidity. Perhaps this can be applied here? Some may believe this out of ignorance (see more on this below) while others choose to believe it because their VC funding depends on it…
Anyhow, let’s look at the extreme fringe of a fringe. You may meet people who think that artificial intelligence today is so advanced that human presence inside the SOC is not necessary. Today! They actually think AI can already replace all humans in a SOC! Some of them even have a demo ready, powered by … ahem … “a demo-ready AI” that works — you guessed it! — in a demo. Sadly, it will never deliver even a tiny fraction of the promised benefits once confronted with real-world, messy environments full of outdated systems, API-less data stores, tribal knowledge, junior IT people, and sprinkled with human incompetence…
Similarly, some people have never seen how a large enterprise functions, so they make assumptions about automation possibilities that are just wildly off. They struggle to grasp the complexity of a “typical” (ha! as if!) enterprise “layered cake” environment, with its layers of technology ranging from 1970s mainframes to modern serverless and gen AI systems.
To elaborate on the lack of enterprise environment knowledge, what makes it even worse is common reliance on tribal knowledge of unique systems — knowledge that only exists in the minds of specific individuals. It’s very difficult, if not impossible, for any automated system (whether AI-powered or not) to make decisions based on context that simply isn’t present in computers…
In other cases, an utter lack of understanding of how modern (and especially not-so-modern) security operations centers, and detection and response teams, operate comes up. Some snake-oil sellers of a “humanless SOC” rely on things like “this needs a current asset list, we will just query the CMDB or the Attack Surface Manager.” Ah, a CMDB that was last updated in 2008, and an ASM that covers a third of the environment … suuure. They often promise (or, worse: ask the customer!) to “fix these issues before deployment,” failing to acknowledge that some of these issues have persisted for decades. “Decades, Karl!” That’s like 10+ years! :-)
Yet another category of people believe in a humanless SOC based on their complete lack of understanding of threats. In fact, they shift their AI so far right (“AI SOC = better alert triage”) that they neglect bad detection content altogether… And, yes, threat actors sometimes know the environment better than the defenders do. I’m optimistic that in the long term, with the wider adoption of cloud computing, the occasional attacker advantage will vanish. Defenders will collect more data on their environments and be able to keep it updated (well, I can hope, can’t I?). Today, however, it is just not the case.
Now, what about trying to match the quality of a bad SOC, like one run by a low-end MSSP vendor? As I alluded before, artificial intelligence today seems close to matching the quality of a bad SOC without any humans. To this, I add: If you lower the bar enough, you can match the quality of a bad SOC even without AI. Just connect your SIEM alerts to an alert distribution mechanism like email. Done! You have a really, really, really, really bad SOC, and without any humans. And without AI too!
So using this argument (“I can replicate a really bad SOC with AI”) is essentially cheating (more seriously, if one can replicate a “mediocre+” MDR but without any human “butts in seats,” this can be a decent business!).
Finally, there is one delusion that’s actually worthy of deeper analysis: the belief that AI will soon advance so rapidly and so massively that it will replace all humans in the SOC. Let’s not turn this into “are LLMs a path to AGI?”; actual AI experts can debate that one. We will focus on the SOC.
Let’s start this discussion with good news. Several years ago (2021), I was a long-term optimist, but a short-term skeptic about AI in security. Now, I’m even more optimistic in the long term and cautiously optimistic in the short term. Despite my optimism, I don’t see a short-to-medium-term trajectory for AI that would lead to a humanless SOC. I do see a lot of AI use in the SOC, to be sure, but a SOC run by humans!
Notably, when we developed Autonomic Security Operations (ASO), we stressed that humans are central to modern security operations (as they are with our own D&R capabilities). We also mentioned the many tools used in such operations, including of course AI.
Where can you go from here? We can discuss what’s possible, and increased automation of your security operations center is definitely on that list. We can also explore the potential pathways that might eventually (EVENTUALLY!) lead to a humanless SOC. However, this is the world of tomorrow…
… and we are back to today!
Here are my Top Reasons Why a SOC Without Humans Will Not Happen:
- Tribal Knowledge: Crucial knowledge for alert triage, investigation and detection authoring often exists only in someone’s head, not in any automated or even any digital system (your gen AI “agent” may read the pages of an analog notebook, to be sure, but a human is needed to shove said notebook in front of a robot’s all-seeing eye…)
- Adaptable Attackers: Creative attackers will continue to outsmart automated (including gen-AI-powered) defenses, as they possess the ingenuity and adaptability that machines currently lack (this argument very much applies to the short-to-medium term and I make no promises for the long term, mind you, AGI FTW … but LATER!)
- Security Data Quality: Many AI projects are limited by the quality of their data. Building an excellent “AI SOC” requires vast amounts of high-quality data, which is often unavailable, and this is doubly so for company-specific data (we can debate how attack-surface-agnostic you can make this in later blogs…)
These are just a few of the main reasons why a fully automated (humanless, fully autonomous, etc) SOC is not feasible in the near future. If you encounter someone who believes in this fallacy, remind them of the importance of tribal knowledge, expert intuition, attacker adaptability, and the limitations of current AI technology due to insufficient data quality. These challenges remain largely insurmountable, even with projected technological advancements.
Finally…
A critical challenge in writing this blog is my unwavering belief in the relentless pursuit of automation within the detection and response domain. Ideas like ASO (and its origins) have demonstrated that an engineering mentality and a drive to automate more activities are crucial for building a modern SOC. In fact, the SRE’s job is to “automate yourself out of your job,” but here lies a paradox: humans are needed to automate humans out of a human job, yet this loop is endless…
Related posts:
- Baby ASO: A Minimal Viable Transformation for Your SOC
- Anton’s Alert Fatigue: The Study
- New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)
A Brief Guide for Dealing with ‘Humanless SOC’ Idiots was originally published in Anton on Security on Medium.
How Can Generative AI be Used in Cybersecurity
The post How Can Generative AI be Used in Cybersecurity appeared first on AI Security Automation.
GUEST ESSAY: President Biden’s cybersecurity executive order is an issue of national security
President Biden’s detailed executive order relating to cybersecurity is great to see.
Biden’s order reflects the importance of cybersecurity at the highest levels – it is an issue of national security and should be treated as such.
One of the …
The post GUEST ESSAY: President Biden’s cybersecurity executive order is an issue of national security first appeared on The Last Watchdog.
Top 5 risks of not redacting sensitive business information when machine learning
A business's data is one of its most valuable assets. Protecting this asset is paramount, especially in machine learning use cases. This post dives deeper into one well-known technique to protect sensitive data called redaction.
DEF CON 32 – Bypass 101
Author/Presenter: Bill Graydon
Our sincere appreciation to DEF CON and the Authors/Presenters for publishing their erudite DEF CON 32 content, originating from the conference’s events at the Las Vegas Convention Center and available via the organization’s YouTube channel.
The Comprehensive Guide to Understanding Grok AI: Architecture, Applications, and Implications
Explore the revolutionary Grok AI system in this comprehensive guide. From its sophisticated architecture to real-world applications, discover how this advanced AI assistant integrates with the X platform while maintaining robust privacy and security measures.