• Blog
  • Security Operations

Security Operations

Automate Insecure OpenSSH vulnerability patching in Ubuntu AWS EC2 with Cortex Xpanse

Automate Insecure OpenSSH vulnerability patching in Ubuntu AWS EC2 with Cortex Xpanse

A new vulnerability in Open Secure Shell (OpenSSH), identified as Common Vulnerabilities and Exposures (CVE) CVE-2023-25136, poses a significant threat to Amazon Web Services Elastic Cloud Compute (AWS EC2) instances. If left unpatched, this vulnerability could leave your instances vulnerable to attack, potentially resulting in the loss of sensitive data or damage to your company's reputation.

Announcement
Product Features
Use-Cases
Jul 25, 2024
By 

Security Operations

Must-Read Articles
Product Features
Use-Cases
News and Events
Partner Integrations
Playbook of the Week
AI Provides an Rx for Cybersecurity in Healthcare
Company & Culture, Must-Read Articles, Product Features, Products and Services

AI Provides an Rx for Cybersecurity in Healthcare

As cyberthreats evolve and proliferate, healthcare organizations are increasingly recognizing the need to embrace artificial intelligence (AI) in their cybersecurity efforts. This...
Jul 10, 2024
By  and
Exploring the Art and Science of Threat Hunting with Oded Awaskar
Must-Read Articles, Uncategorized

Exploring the Art and Science of Threat Hunting with Oded Awaskar

Mastering the art of threat hunting allows security teams to go on the offensive — to put themselves in the minds of bad actors and stop them in their...
Jul 23, 2024
By 
Rapid Response for OpenSSH Vulnerability CVE-2024-6387

Rapid Response for OpenSSH Vulnerability CVE-2024-6387

An unauthenticated remote code execution (RCE) vulnerability in OpenSSH’s server could potentially grant an attacker full root access, which poses a significant exploit risk. RegreSSHion, also known as CVE-2024-6387, was discovered by Qualy...
Jul 12, 2024
By 
Get Ahead of Chrome Changes with Cortex Xpanse
Announcement, Must-Read Articles, News and Events, Product Features

Get Ahead of Chrome Changes with Cortex Xpanse

In June 2024, Google announced it would no longer trust digital certificates issued by Entrust, a popular certificate authority. This decision will block all websites that use Entr...
Jul 08, 2024
By 
AI Powers Sabre's Enhanced Threat Detection & Response
Company & Culture, Customer Spotlight, Must-Read Articles, Product Features, Products and Services, Use-Cases

AI Powers Sabre's Enhanced Threat Detection & Response

As the cyberthreat landscape continues to evolve at an unprecedented pace, security teams are turning to artificial inte...
May 28, 2024
By 
SmartGrouping - Precision AI™-Driven Investigation
Product Features, Uncategorized, Use-Cases

SmartGrouping - Precision AI™-Driven Investigation

SmartGrouping is a crucial aspect of security operations, allowing to connect disparate alerts and paint a comprehensive picture of an attack. It's like piecing together a puzzle, where each alert represents a...
May 23, 2024
By  and
Creating a Security Program with Less Complexity and More Visibility
Company & Culture, Products and Services, Unit 42

Creating a Security Program with Less Complexity and More Visibility

Developing a strong security program is like tending a garden. It takes a lot of work, and you don’t always see immediate results. Every day you water...
May 23, 2024
By 
AI in Cyber Is Here to Stay — How to Weather This Sea Change
Must-Read Articles, Points of View, Products and Services

AI in Cyber Is Here to Stay — How to Weather This Sea Change

“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI rese...
May 22, 2024
By 
Prowling the Wilds — Upgrade Your SOC and Hunt Down Threats
Product Features, Products and Services, Unit 42

Prowling the Wilds — Upgrade Your SOC and Hunt Down Threats

It would be nice to imagine our SOC analysts as the apex predators of the IT jungle, stalking the network perimeter and tracking the scent of trespass...
May 21, 2024
By 
The Dark Side of AI in Cybersecurity — AI-Generated Malware
Must-Read Articles, Points of View, Products and Services

The Dark Side of AI in Cybersecurity — AI-Generated Malware

“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI rese...
May 15, 2024
By 
Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach
Must-Read Articles, Product Features

Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach

Kubernetes has revolutionized the way we deploy and manage applications, but its complexity and dynamic nature also introduce a new set of security ch...
May 14, 2024
By 
Playbook of the Week: Automating Response to Living-Off-the-Land (LOTL) Attacks
Playbook of the Week, Uncategorized

Playbook of the Week: Automating Response to Living-Off-the-Land (LOTL) Att...

Organizations face increasingly sophisticated cyberattacks in today's rapidly evolving threat landscape. Attackers leverage common tools and living-Of...
May 09, 2024
By 
Short, Mid and Long-Term Impacts of AI in Cybersecurity
Must-Read Articles, Product Features, Products and Services

Short, Mid and Long-Term Impacts of AI in Cybersecurity

“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, consulting, engineering and more....
Feb 01, 2024
By 
Who’s the Boss? Teaming Up With AI in Security
Must-Read Articles, Products and Services

Who’s the Boss? Teaming Up With AI in Security

“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, consulting, engineering and more....
Feb 14, 2024
By 
Harnessing the Power of AI in Cybersecurity — Predictions and Solutions
Must-Read Articles, Products and Services

Harnessing the Power of AI in Cybersecurity — Predictions and Solutions

“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42 with roles in AI resea...
Feb 07, 2024
By 
AI, Cybersecurity and the Rise of Large Language Models
Must-Read Articles, Product Features, Products and Services

AI, Cybersecurity and the Rise of Large Language Models

Artificial intelligence (AI) plays a crucial role in both defending against and perpetrating cyberattacks, influencing the effectiveness of security measures and the evolving nature of threats in the digital la...
Apr 02, 2024
By 
Playbook of the Week: Automating Management of XDR Identity Analytics Alerts
Playbook of the Week, Uncategorized

Playbook of the Week: Automating Management of XDR Identity Analytics Alert...

Identity analytics is a critical cybersecurity tool in combating the challenges posed by compromised user accounts and malicious insiders. Identity th...
Mar 07, 2024
By 
A Deep Dive Into Malicious Direct Syscall Detection
Must-Read Articles, Non classifié(e), Product Features

A Deep Dive Into Malicious Direct Syscall Detection

In this blog post we will explain how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls. Then...
Feb 13, 2024
By  and
XSIAM 2.0: Continuing to Drive SOC Transformation
Announcement, Must-Read Articles, Product Features, Products and Services

XSIAM 2.0: Continuing to Drive SOC Transformation

Security teams have an important and difficult job – protecting their organizations from a threat landscape that is constantly changing. Based on investigations conducted by our Un...
Nov 13, 2023
By 
Playbook of the Week: Using YARA to Automate Malware Identification and Classification in XSOAR
Playbook of the Week, Uncategorized

Playbook of the Week: Using YARA to Automate Malware Identification and Cla...

In the dynamic realm of cybersecurity, maintaining a proactive defense against evolving threats is non-negotiable. One potent weapon that has emerged...
Feb 01, 2024
By 

Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts