Monthly newsletter December 2024: SOC as a Service offers speed of response and accuracy in threat detection

In the field of cybersecurity, human expertise is indispensable alongside technology. The primary benefit that clients of Safetech Innovations’ Security Operations Center (SOC) services receive is access to a dedicated team of experts. This team currently analyzes an average of 12,000 alerts and mitigates 150 security incidents monthly.

Additionally, the Safetech team works continuously to improve the performance indicators of SOC services, such as reducing the rate of false-positive and false-negative alerts. More details about these actions can be found in the article below:

Safetech SOC as a Service: Speed and Accuracy in Threat Detection

If your organization lacks this level of expertise, SOC as a Service is the ideal solution. You will benefit from a comprehensive package that includes specialized and certified personnel, state-of-the-art technology, mature procedures, and continuously updated best practices.

Happy Holidays, and enjoy reading!

Safetech Innovations Team

Below you will find a series of recent news about our main partners.

Technology news

Picus Advances Automated Penetration Testing to Provide Comprehensive Adversarial Exposure Validation

Picus Security announced new innovations to its Attack Path Validation (APV) product. The new Picus APV now offers security teams accurate, risk-free, and continuous automated penetration testing to uncover critical risks, while significantly reducing business disruptions and time spent on threat research. Combined with its Breach and Attack Simulation technology, Picus provides a comprehensive approach to Adversarial Exposure Validation for enterprise organizations.

Picus APV mimics the evasiveness of real-world attackers, including techniques such as lateral movement, data exfiltration, and encrypting files on the target network often associated with ransomware attacks. This ensures that testing remains stealthy, avoiding premature detection and ultimately providing a far more accurate representation of genuine threat scenarios.

Designed to ensure safe testing, Picus APV prevents harmful exploits from running in production which minimizes risks like system crashes and network outages. To help security operations teams save precious time and effort, Picus APV can run continuously on autopilot or on a set schedule, even while allowing multiple assessments to run in parallel.

Cequence Security Research Reveals $2.58M Per Hour at Risk to Cybercrime During Holiday Shopping Season

Cequence Security unveiled new insights from its CQ Prime threat research team that underscore the growing cyber threats targeting the retail sector during the holiday season. The research reveals that businesses could face average potential losses of $2.58 million per hour throughout December due to malicious bot traffic and fraud attempts. Key findings:

  • Financial Impact of Cybercrime: Cybercrime during the 11-day period from November 22 (Black Friday) to December 2, 2024 (Cyber Monday) resulted in $681.12 million in potential losses, with projections for December 2024 averaging $2.58 million in losses per hour, totaling $1.79 billion.
  • Sophisticated Attack Techniques: Sophisticated attack techniques, including credential stuffing, SMS pumping, and token farming, experienced a 700% YoY increase.
  • Real-World Mitigation: A major e-commerce company mitigated an SMS pumping attack that cost $3,000 every four hours, successfully blocking fraudulent account creation and preventing further financial losses with Cequence’s advanced bot and API protection.
  • Real-World Mitigation: Cequence managed a 125% traffic surge on Black Friday, blocking 11.5 million malicious attempts.


Bitdefender Enhances its Extended Detection and Response (XDR) Capabilities for Protecting Business Data in the Cloud

Bitdefender announced enhancements to its GravityZone XDR platform with the addition of its new Business Applications sensor, designed to protect corporate data hosted and stored in cloud-based productivity and collaboration applications. The sensor will initially support Atlassian cloud applications including Confluence, Jira, and Bitbucket, with plans to extend to other popular software-as-a-service (SaaS) platforms frequently used in business operations.

With its latest advancements, Bitdefender addresses a major challenge—balancing the operational benefits of cloud-based applications and the need to maintain robust security and reduce risks as the attack surface continues to expand. GravityZone XDR increases threat visibility across infrastructure, cloud workloads, identities and applications by unifying and associating data from multiple sources into single, actionable organization-level incidents.

Once integrated into an Atlassian cloud environment, the Business Applications sensor allows organizations to monitor and analyze security events stemming from Atlassian applications, baseline and detect unusual behavior, and immediately restrict access for suspicious users.


Cloudflare Publishes Top Internet Trends for 2024

Cloudflare published its fifth annual Year in Review, exploring global Internet insights and security trends during 2024, accompanied by a deeper dive on the most popular Internet services. The new data unveils record-high government-directed Internet shutdowns, a rise in malicious traffic, and cyberattacks targeting the Gambling and Gaming industries. Some of the biggest highlights of 2024 include:

  • Most Targeted Industry: Globally, the Gaming and Gambling industry became the top target for threat actors, overtaking the Finance sector, which was the most targeted category in 2023.
  • Malicious Traffic: The Internet has not become significantly more dangerous over the past year, with about 6.5% of all global traffic mitigated as potentially malicious – only a slight increase from 2023.
  • Most Aggressive AI Bots: AI bots and crawlers have been in the news for voraciously consuming content. But while Bytespider (ByteDance) and ClaudeBot (Anthropic) were the most active, both of their overall traffic gradually declined over the course of the year.
