Artificial Reality | The PatternEx Blog

More Morphing in the Security Services Space: Moving from SOC to SOCaaS

We have more morphing in the security services space. When ISPs came into being in the mid-1990s, there came a need to provide some security services to customers who did not have a capability to provide such for themselves. Hence MSSPs were born. For many years, adoption of MSSP services remained quite low. Many potential customers just could not bring themselves to trust a 3rd party with their security needs.

Topics: MSSP SOC Threat Detection AI

What to Look for in an MDR Provider

Book a Meeting

In my last blog posting, I talked about why you should consider moving to an MDR provider. In this post, I want to discuss what you should be looking for in an MDR provider. There are several factors that should be considered if you are going to have a successful partnership with an MDR provider. Leading research and advisory companies (and others) have written about such too, but I don’t charge vendors to say nice things about them. 😀

Topics: MSSP analytics SOC Threat Detection machine learning

Why move to MDR?

If you have been keeping up with your security reading recently, you might have noticed an uptick in the ‘noise’ level about MDR. A) Is that true? B) If so (true), then why?

Topics: MSSP analytics SOC AI

Is There a (MSSP) Bubble Coming?

As we approach the ten year anniversary of the subprime mortgage crisis, which precipitated a housing bubble collapse and contributed significantly to the Great Recession, I am wondering if another bubble is building?

Topics: MSSP analytics SOC Threat Detection

Is Trust Breaking Out?

There has been an information security mantra for years in the United States about the need for a public - private partnership. While ISACs have existed since the late 1990s, the results of public - private partnerships have hardly been harmonious; instead acrimony has been been the order of the day in most instances. Private sector organizations have long complained about the one way flow of information security data and information: from the private sector to the federal government, with nothing in return. That’s not entirely true, but that is the strong perception at least. For example, the NSA has been providing malware signatures to DIB (defense industrial base) companies for a couple years (e.g., “NSA Chief: Agency Wants To Provide Malware Signatures, Not Enter Private Networks”). The response of the private sector has generally been criticism of NSA’s perceived motives, and criticism about the quality of the NSA malware signatures provided. Of course this private sector skepticism was confirmed by the Snowden revelations in June 2013. Particularly galling to the private sector (especially the technology companies) was NSA’s PRISM surveillance program. Even within the private sector information sharing has been restricted. For example, ISACs are generally restricted to industry-specific members, and raw data is not shared. Rather. processed information, such as IOCs and malware indicators, are shared.

Topics: MSSP SOC AI

Changing Business Considerations for MSSPs: Saying Goodbye to Soda Straw Views

As the threat landscape has evolved (e.g., increased number and size of DDoS attacks), MSSPs are being forced by the market to evolve their service offerings. It simply is no longer acceptable for an MSSP to manage perimeter firewalls, a couple of Internet-facing applications, and perhaps a couple of important internal systems (e.g., Active Directory domain controllers). Why not? Because such (effectively) stand alone ‘soda straw’ views do not provide the MSSP (nor the customer) with the context needed to be able to detect today’s sophisticated attacks. For example, with that hypothetical monitoring scenario, it would be extremely difficult to detect lateral movement, let alone a compromise of individual systems.

Topics: MSSP analytics AI Threat Detection

RSA Conference Recap: the Synergies Between AI & IoT

Last month, the RSA Conference was held in San Francisco, it’s usual location. While attendance numbers for the conference have not been released yet, apparently attendance was not as large as last year’s record of some 43K+ attendees. And, it did not seem as crowded as last year—good!

Topics: MSSP SOC infosec IoT

Why MSSPs Should Be Interested in Virtual Analyst Technology

MSSPs face several challenges in effectively running their operations, and subsequently providing value to their customers. For example, MSSPs’ customers are often demanding, and are concerned about their TCO. 

Topics: SOC MSSP Threat Detection