Command Zero

⚠ Fresh research alert! ⚠ We've released "Top Challenges in Cyber Investigations & Recommendations for SecOps Leaders" based on 352 interviews with cyber leaders and practitioners over 24 months. The report has staggering findings: - 92% of organizations lack standardized cyber investigation processes, - 88% of security leaders expressed concerns about operational issues related to the lack of skilled staff and high attrition rates, - 72% admitted to having blind spots for non-security data sources. Read our press release for more: https://lnkd.in/gHPeQyi5

"... With how fundamental software development processes are to the modern enterprise, DevOps platforms like GitHub are no longer just developer platforms—they are juicy targets for malicious users and attackers. We see two critical dimensions that security teams need to monitor:  1. Protecting intellectual property in your repositories,  2. Preventing, detecting and responding to the increasingly sophisticated ways threat actors weaponize DevOps platforms for attacks. Think code injection, backdoor merges and open-source hijacking..." Read Eric Hulse's latest blog post for his take on GitHub investigations and how Command Zero can help: https://lnkd.in/dMcs-u2r

We're #hiring a new Go Developer in Calgary, Alberta. Apply today or share this post with your network.

"...Email remains the foundation of most security investigations, whether they involve business email compromise, phishing, or insider threats. Our experience shows that if an investigation doesn't touch email, it probably should - email behavior provides crucial context for almost every security incident. Most playbooks focus narrowly on whether a user clicked a malicious link, then jump straight to endpoint analysis. This misses critical signals in the user behavior. The noteworthy questions are: What did the user do in their email after the click? Did they start sharing sensitive files? Did they initiate unusual communications with accounts payable? How did their behaviors change in SaaS applications or other connected systems?.."  Read Alfred Huger's latest post to discover how Command Zero's novel approach reduces the psychological burden on investigators, enabling accurate analysis outcomes in minutes instead of hours. https://lnkd.in/gBqjkwUX

"...Like emerging technologies of the past, most engineering teams are building on shifting sand when it comes to AI security. While most of the core principles of software/infrastructure security are still applicable to AI, LLMs bring unique challenges to the mix for enterprises. The good news is, as an industry we’re putting in deliberate effort to prevent history from repeating itself..." Read Erdem Menges' latest post for our takeaways from the Cloud Security Alliance's Securing LLM Backed Systems guidance and how Command Zero implements these controls to secure our LLM-backed systems.  https://lnkd.in/gEG5EBeD

We're #hiring a new Senior Frontend Developer in Calgary, Alberta. Apply today or share this post with your network.

We are #Hiring for Security Researcher roles at Command Zero currently. This role, in particular, is perfect for people with strong backgrounds in Tier 3 & senior SOC analyst roles and Incident Responders (in cloud environments). It's product-focused, so if you are looking to move your career into building security products (or know someone who is), this might be of interest to you.

We're #hiring a new Cyber Security Researcher in Canada. Apply today or share this post with your network.

"Threat intelligence is one of the main building blocks for effective security operations. It provides the historical context needed to make sense of alerts, logs, and potential threats. But operationalizing threat signals face three major challenges: consistency, volume, and actionability... ...By using pre-built content and execution paths paired with expert LLMs, Command Zero enables security teams to quickly act on threat intelligence without the need for complex queries or manual investigations..." Read Eric Hulse's latest blog post to find out how forward-looking security operations teams are operationalizing threat intelligence. https://lnkd.in/dTP76n4q #SecOps #CTI #SOC

"... To defend against password spraying attacks, organizations should follow the best practices: Implement multi-factor authentication, enforce strong password policies, and use account lockout mechanisms after a certain number of failed login attempts... Another essential defense is to investigate all password spray attempts thoroughly while auditing MFA and access controls. It is unlikely that our defenses will not be breached, but it is likely that we can minimize the damage by continuous investigations and immediate response..." Read Alfred Huger's latest blog post for his take on best practices against password spray attacks and how Command Zero can help. https://lnkd.in/gvecniQV #SecOps #investigations #password-spray