Focus Area: Cyber Defence Center

What is Cyber Defence Center

Today, the Cyber Defence Center (CDC) or Security Operations Center (SOC) is at the heart of enterprise security management. It is used to monitor and analyze security alerts coming from the various systems across the enterprise and to take actions against detected threats. However, the rapidly growing number and sophistication of modern advanced cyber-attacks make running a SOC an increasingly challenging task even for the largest enterprises with their fat budgets for IT security. The overwhelming number of alerts puts a huge strain even on the best security experts, leaving just minutes for them to decide whether an alert indicates a real cyber-attack or is merely a false positive. In fact, the biggest challenge the security industry is now facing is the lack of qualified experts to deal with the growing number of cyber-threats.

To address this massive skills gap, a new generation of security solutions has emerged recently, with vendors focusing on filtering out the statistical noise and reducing the volume of security alerts to a manageable number categorized by severity, on improving security analysts’ efficiency with intelligent automated controls and, last but not least, on enabling even non-technical persons to make informed decisions and initiate incident response as quickly as possible. From statistical correlation methods to machine learning algorithms, from risk models to behavior profiling, from threat intelligence to cognitive technologies – there are a lot of exciting new developments going on in information security, which promise to dramatically improve the efficiency of your SOC.

Latest Research, Upcoming Webinars and Events From Cyber Defence Center

Webinar

Reducing Risk with User Behavior Analytics (UBA)

The business landscape is changing rapidly, with most organizations, irrespective of the vertical, transforming themselves into technology organizations. With the adoption of the Internet of Things (IoT), the number of connected entities has increased significantly. Managing identities of people, things and other objects in an automated and predictive manner is becoming the new norm. Simultaneously, the burgeoning number of identities exposes a broader attack surface, posing a big challenge to these organizations and their growth plans.

Executive View

Executive View: Symantec Advanced Threat Protection - 71155

Symantec Advanced Threat Protection is a unified platform for uncovering and remediating advanced cyber-attacks across endpoints, network and email, which augments existing Symantec endpoint protection and threat intelligence technologies with advanced security analytics capabilities.

Webcast

Reducing Risk with User Behavior Analytics (UBA)

Artificial Intelligence (AI) and Machine Learning have matured to the point where broad use of analytics in security, and more specifically in Identity & Access Management, is now possible. One of the most interesting applications of such analytics has been in managing privileged identities and accounts. Given that such identities and accounts have access to sensitive and business-critical data, it is very important to ensure that they are not only protected, but also monitored in real time for anomalies in behavior. The use of User Behavior Analytics (UBA) to…

Webinar

Privileged User Monitoring as Key Element of Counter-Measures

The IT landscape is undergoing its biggest change at least since the introduction of the PC. Cloud services and mobile devices stand for the hyper-connected enterprise, where everyone has access to everything, and where services reside somewhere, in the organization and in the cloud. This extends the risk surface. It is no longer about protecting some centralized servers in a well-secured data center, but about a sprawl of systems and services.

Latest News From Cyber Defence Center

Executive View

Executive View: Securonix SNYPR - 70292

Securonix SNYPR is an open and modular next-generation security intelligence platform that combines log management, security information and event management, user and entity behavior analytics and fraud detection, serving as a foundation for a broad portfolio of specialized security…

Blog

OpenC2 – Standards for Faster Response to Security Incidents

Recently, I came across a rather new and interesting standardization initiative, driven by the NSA (U.S. National Security Agency) and several industry organizations, both Cyber Defense software vendors and system integrators. OpenC2 names itself “a forum to promote global development…

Blog

Cognitive Technologies: The Next Big Thing for IAM and Cybersecurity

The ongoing Digital Transformation has already made a profound impact not just on enterprises, but our whole society. By adopting such technologies as cloud computing, mobile devices or the Internet of Things, enterprises strive to unlock new business models, open up new communication…

Webcast

Reducing Risk with User Behavior Analytics (UBA)

Artificial Intelligence (AI) and Machine Learning have matured to the point where broad use of analytics in security, and more specifically in Identity & Access Management, is now possible. One of the most interesting applications of such analytics has been in…

Executive View

Executive View: Cisco Advanced Malware Protection - 72518

Cisco Advanced Malware Protection (AMP) is an integrated enterprise security intelligence and malware protection solution. By combining global threat intelligence with dynamic malware analysis and continuous endpoint and network monitoring, AMP provides constant visibility and control…

Blog

Building a Future-proof Intelligent Security Operations Center, Part 2

Security Intelligence Platforms (SIP) are universal and extensible security analytics solutions that offer a holistic approach towards maintaining complete visibility and management of the security posture across the whole organization. Only by correlating both real-time and historical…

Blog

Building a Future-proof Intelligent Security Operations Center

I have to admit that I find the very concept of a Security Operations Center extremely… cinematic. As soon as you mention it to somebody, they would probably imagine a large room reminiscent of the NASA Mission Control Center – with walls lined with large screens and dozens of…

Webinar

Mar 30, 2017: Reducing Risk with User Behavior Analytics (UBA)

The business landscape is changing rapidly, with most organizations, irrespective of the vertical, transforming themselves into technology organizations. With the adoption of the Internet of Things (IoT), the number of connected entities has increased significantly. Managing identities of…

Webcast

Privileged User Monitoring as Key Element of Counter-Measures

The IT landscape is undergoing its biggest change at least since the introduction of the PC. Cloud services and mobile devices stand for the hyper-connected enterprise, where everyone has access to everything, and where services reside somewhere, in the organization and in the cloud.…

About KuppingerCole

Our Capabilities

KuppingerCole’s values are expertise, thought leadership, neutrality and outstanding practical relevance.

Our People

KuppingerCole’s highly qualified and globally recognized analysts continuously research and update the KuppingerCole online research library, and perform manufacturer-independent advisory services.

Our Methodologies

KuppingerCole’s proven approach focuses on lean, efficient projects, with a structured methodology based on ongoing research, publications, and the thought-leading deep knowledge of our analysts.

Our Experience

The large number of existing KuppingerCole reports and the significant number of new reports published every year ensure that you can always access the up-to-date information you need for your decisions.
