Cybersecurity Archives

Level up your SecOps with XGEN SOAR at Splunk .conf22

Events ,
SOAR

by Shriram Sharma - May 27, 2022

We’re psyched to meet security leaders from across the globe next month at Splunk’s .conf22 at the MGM Grand in Las Vegas on June 13-16. This year’s in-person conference also includes the option to join virtually, so Splunkers from around the world can watch the all the sessions remotely, access the...

Why MITRE Calls SOAR “Indispensable” in its Latest Book

MITRE ATT&CK ,
SOAR

by Shriram Sharma - May 19, 2022

MITRE Corp’s recently published book, 11 Strategies of a World-Class Cybersecurity Operations Center, is a must-read for security operations center (SOC) teams and just about anyone interested in infosec. The book is written for professionals who work in a SOC, but applies to any security operations...

How SOAR Can Help You Attract and Retain Cybersecurity Talent

SOAR

by Shriram Sharma - May 12, 2022

Security operations center (SOC) teams play a vital and underappreciated role in the function of any organization, but they are especially crucial in many sectors — including finance, technology, and healthcare. Members of SOC teams work around the clock and are responsible for keeping the company s...

What’s the Difference Between SOAR and SAO?

SOAR

by Shriram Sharma - May 3, 2022

Security Orchestration, Automation and Response (SOAR) is a relatively new product category – in fact, it just turned five. Research and consulting firm Gartner is credited with coining the term around April 2017, judging by the earliest web artifacts that we found on Google. Great minds think alike...

D3 Security Gives MSPs the Superpower to Become MSSPs

MSSPs ,
SOAR

by Shriram Sharma - April 28, 2022

The days when a managed service provider’s (MSP) role was just to provide support services are long gone. As cyber-threats continue to evolve, MSPs are moving beyond the call desk and becoming security specialists themselves. The cybersecurity industry is a dynamic space and an increasingly importan...

10 of the Best Open Source Threat Intelligence Feeds

SOAR

by Walker Banerd - April 25, 2022

10 Cyber Threat Intelligence Feeds that You Can Use in Your Security Operations In our ongoing quest to help security operations and incident response teams work more effectively, we’ve created a list of the top 10 open source threat intelligence feeds. Each threat feed listed here can be inge...

See the Evolution of the MITRE ATT&CK Framework from 2015 to Now

MITRE ATT&CK

by Shriram Sharma - April 22, 2022

If you are a cybersecurity practitioner, you probably know what ATT&CK is all about. But just for those who aren’t aware, here’s a quick refresher on this revolutionary threat intelligence framework. So what is the MITRE ATT&CK framework? ATT&CK, which stands for Adversarial Tactics, Tec...

Automate Vulnerability and Threat Management with D3 & ThreatWorx

SOAR

by Walker Banerd - April 12, 2022

It’s no use knowing about vulnerabilities in your environment if you don’t have the resources to quickly turn that knowledge into action. It may sound obvious, but vulnerabilities often stay unresolved much longer than they need to, even when the fix is simple. Communicating what needs to be fixed a...

How D3 Can Help Security Leaders Converge Cyber and Physical Security Operations

Physical Security ,
SOAR

by Shriram Sharma - March 24, 2022

A hacker breaks into a Florida town’s water supply and tries to poison it with lye. That’s not a fictional tale from a Hollywood script – that’s an actual news story in the Washington Post from a year ago. Fortunately, an operator was watching the attack unfold from his desk at the water treatment p...

D3’s Event Pipeline is the Perfect Example of Gartner’s ‘Hyperautomation in Security’

SOAR

by Shriram Sharma - March 14, 2022

We recently published a whitepaper about our Event Pipeline, which is sort of like the nerve center of our SOAR platform. In case you haven’t heard of it, the Event Pipeline is D3 XGEN SOAR’s global event playbook. It leverages 500+ out-of-the-box integrations to enable triage, investigation, and re...

The Time for SOAR is Now

SOAR

by Shriram Sharma - March 9, 2022

For a term that was only coined less than five years ago, SOAR (security orchestration, automation, and response) has matured significantly to a point where it has become table stakes for a modern SOC. SOAR helps security teams cope with several challenges, including information overload from a delu...

How D3 and ZeroFox Enable Proactive Threat Hunting and Automated Brand Protection

SOAR

by Walker Banerd - March 4, 2022

One of the great things about SOAR is that it can make powerful tools even more powerful, by integrating them into end-to-end, automated workflows. One such tool is ZeroFox, a full-spectrum threat intelligence and digital risk protection (DRP) platform. ZeroFox is an important technology partner of ...

ICYMI: Highlights From the Webinar with Forrester’s Allie Mellen on the Future of SOAR

SOAR

by Shriram Sharma - March 1, 2022

Our recent webinar with Forrester’s Allie Mellen and D3 Founder Gordon Benoit featured a fascinating debate and discussion on the state and future of SOAR. In case you prefer to read rather than watch or listen, we’ve transcribed the most important parts of their exchange below. Read on for Allie a...

SIEM vs. SOAR: How they Differ and Why they Work Well Together

SOAR

by Walker Banerd - January 26, 2022

There has always been some confusion around the distinctions between SIEM (security information and event management) and SOAR (security orchestration, automation, and response), which has been made worse in the past few years as some SIEM vendors have purchased SOAR companies in order to incorporat...

Webinar: Forrester and D3 Debate the Future of SOAR

News ,
SOAR

by Walker Banerd - January 21, 2022

We have an upcoming webinar on February 16th that anyone with an interest in cybersecurity is not going to want to miss. You may have seen the news earlier this month that Google acquired SOAR vendor Siemplify. This prompted Forrester’s Allie Mellen—a prominent security expert—to write an article wi...

Hyperautomation: One of Gartner’s Emerging Security Trends

Reports ,
SOAR

by Walker Banerd - January 19, 2022

Gartner recently published the latest edition of its Emerging Technologies and Trends Impact Radar for security (Gartner, Emerging Technologies and Trends Impact Radar: Security, Ruggero Contu, Mark Driver, Lawrence Pingree, Elizabeth Kim, John A. Wheeler, Swati Rakheja, Nat Smith, Mark Wah, Dave Me...

What You Need to Know About the Log4j Zero-Day Vulnerability

Industry ,
News

by Walker Banerd - December 15, 2021

Just as people were starting to turn their attention to the upcoming holidays, the cybersecurity world received an unwelcome end-of-year surprise over the weekend: the critical RCE vulnerability CVE-2021-44228—now being referred to as Log4Shell. The vulnerability affects Apache Log4j, a very widely ...

Guides to SOAR for Different Security Roles

SOAR

by Walker Banerd - December 3, 2021

We recently published three guides to SOAR (security orchestration, automation, and response) that are each specialized to a specific audience. The three audiences are security operations center (SOC) analysts, chief information security officers (CISOs), and managed security service providers (MSSP...

Credence Security Signs Distribution Agreement to Provide D3’s XGEN SOAR Across the Middle East & India Region

News

by Walker Banerd - November 17, 2021

The following is a reposting of a press release by our partners at Credence Security. Dubai, United Arab Emirates — Wednesday 17th November 2021 – Credence Security, a leading, regional, specialized value-added distributor for cybersecurity, forensics, governance, risk and compliance solutions, toda...

How SOAR Can Help You Solve Cybersecurity Staffing Issues

SOAR

by Walker Banerd - November 5, 2021

Even before the pandemic completely reshaped the world of recruiting with an explosion of remote work, it was always hard for most employers to attract and retain qualified cybersecurity professionals. Security pros are in high demand, expensive to hire, and—in the average security operations center...

How to Turn the Lessons of Elite SpecOps into Elite SecOps

SOAR

by Walker Banerd - September 28, 2021

We recently published a new whitepaper titled, How the Principles of the Navy SEALs Can Improve Your Use of SOAR, which you can download here. In the whitepaper, we break down four components of the ethos that allows the Navy SEALs to achieve their goals at a level that is virtually unmatched by any...

Top SOAR Playbooks for 2022

SOAR

by Walker Banerd - September 23, 2021

In the never-ending fight against cyber criminals, effective SOAR playbooks are one of the most valuable weapons in a security team’s arsenal. Whether they’re pre-built by the SOAR vendor, or honed over time based on internal experience, playbooks can standardize effective responses to common incide...

The Security Implications of Remote Work

SOAR

by Walker Banerd - September 13, 2021

The shift toward broader acceptance of remote work is undeniable, and no longer tied to the acute dangers of the coronavirus pandemic. It is unclear where the level of remote work will stabilize in the coming years, but it seems very likely to stay much higher than the pre-2020 level. Many major com...

Why XDR is Not a Replacement for SOAR

SOAR

by Walker Banerd - September 3, 2021

Extended Detection and Response—commonly abbreviated to XDR—was first coined in 2018 and has since become an exciting buzzword in the cybersecurity world. Many vendors now offer XDR, which combines several of their products into one integrated offering. XDR grew out of Endpoint Detection and Respons...

D3 Security Expands Global Reach with $10M Investment from Vistara Growth

News

by Walker Banerd - August 31, 2021

Vancouver, BC — August 31, 2021 — D3 Security, the leader in next-generation security orchestration, automation and response (SOAR), today announced it had received a growth equity investment of $10 million USD from Vistara Growth, a provider of flexible growth capital solutions to technology compan...

DFS Ransomware Guidance for New York Financial Companies

Compliance

by Walker Banerd - August 25, 2021

New York’s Department of Financial Services (DFS) recently published a letter with their guidance on how regulated entities should work to prevent and mitigate ransomware attacks. The letter includes nine controls that regulated entities are expected to implement. The letter is important for both re...

What We Learned from the SANS 2021 Automation and Integration Survey

Reports

by Walker Banerd - August 19, 2021

SANS just released the results of its 2021 Automation and Integration Survey, a valuable annual resource for understanding the state of security automation and organizations’ plans for the coming year. Each year, SANS surveys hundreds of security administrators, IT managers, and other professionals ...

D3 Security Teams with SYNNEX Corporation to Distribute Advanced SOAR Platform

News

by Alex MacLachlan - August 3, 2021

D3 Security, the provider of next-generation security orchestration, automation, and response (SOAR) solutions, today announced a distribution agreement with SYNNEX Corporation, a leading provider of distribution, systems design and integration services for the technology industry, to offer the D3 X...

Join D3 at Level Up: Black Hat USA’s Premier Event

Events

by Walker Banerd - July 26, 2021

After a year-and-a-half of virtual events, we could not be more excited to get back to in-person conferences. The timing is perfect for D3, because we have a lot to tell our cybersecurity colleagues about, including XGEN SOAR: a complete overhaul of our SOAR platform. Our first event of the year is ...

How adding SOAR turned ineffective MSSP into valuable asset

Case Studies ,
SOAR

by Walker Banerd - July 5, 2021

The relationship between in-house security teams and managed service providers is becoming more complex. With the emergence of MDR, companies are able to outsource more of their incident detection and response. Whether you’re working with an MDR or MSSP, optimizing the value you get from your securi...

The Impact of D3 XGEN SOAR on the Modern SOC

SOAR

by Walker Banerd - May 12, 2021

The modern SOC is moving beyond alert-handling. The overwhelming number of alerts created by the myriad tools in the average SOC has become unmanageable. This has left most alerts uninvestigated, because there simply isn’t time to validate every threat. Advanced attackers know this and can purposefu...

MSSP, MDR & the Future of SOAR

Reports ,
SOAR

by Walker Banerd - April 22, 2021

In the managed security services market, the well-established Managed Security Service Provider (MSSP) model is facing a challenge from the emerging Managed Detection and Response (MDR) model. While each provider offers their own set of services, there are some general differences between the two, a...

SOC/NOC Integration: Considerations for Security Leaders

Reports

by Walker Banerd - April 7, 2021

Security operations center (SOC) and network operations center (NOC) teams take on different roles in the effort to keep an organization functioning securely and reliably. The NOC is focused on system availability and connecting people, while the SOC monitors cybersecurity and defends against attack...

D3’s Upcoming Release is a Launchpad for SOAR Integrations

SOAR

by Walker Banerd - March 15, 2021

Integrations are critical to the effectiveness of any SOAR platform, so delays or obstacles to the configuring, testing, and executing of commands between tools can compromise a SOAR implementation before it can get fully up and running. This is an area in which many SOAR platforms struggle. Setting...

KuppingerCole Names D3 an Overall Leader in SOAR Report

Reports ,
SOAR

by Walker Banerd - February 12, 2021

The European analysts KuppingerCole have released their Leadership Compass for Security Orchestration Automation and Response, a comprehensive look at the SOAR marketplace and vendor capabilities. Their extensive analysis of 12 SOAR vendors ranks the leaders in key areas, based on deep evaluation cr...

Test and Optimize Your Security Controls with D3 and AttackIQ

SOAR

by Walker Banerd - February 11, 2021

We are constantly adding new integrations to the list of 300+ tools with which D3 works to automate and orchestrate security operations. One of the most exciting technology partnerships we’ve formed in recent months has been with AttackIQ, a security optimization platform that provides a unique serv...

Year in Review Part 2: The SOAR Industry in 2020

SOAR

by Walker Banerd - January 8, 2021

In this second installment of our 2020 review, we’ll look back at three industry reports that were published in 2020. We’ll see what each one had to say about D3 NextGen SOAR, as well as the SOAR industry overall. Gartner’s SOAR Market Guide D3 was included as a representative vendor in...

Year in Review Part 1: D3 Highlights From 2020

SOAR

by Walker Banerd - January 5, 2021

2020 was challenging for everyone, and of course we felt that at D3 as we adjusted to new conditions throughout the year. Fortunately, however, we were still able to thrive and move our plans forward, despite the challenges, setting us up for a 2021 that we expect to be the best year in our long [&h...

SunBurst Playbooks for the SolarWinds Breach

SOAR

by Alex MacLachlan - December 23, 2020

The SolarWinds supply chain compromise has sprung nearly every security team into action in the past week as they try to determine whether any hosts on their network are running the Orion network monitoring software. Moreover, they are checking—and double-checking—for other signs of malicious acti...

Vertosoft Partners with D3 Security to Bring NextGen SOAR to U.S. Public Sector

News

by Walker Banerd - November 23, 2020

Vertosoft, the company driving emerging technology growth in government, announced today a partnership with D3 Security, a leader in advanced Security Orchestration, Automation, and Response (SOAR) technology. Through the partnership with Vertosoft, D3 Security has been named an approved vendor unde...

Three Reasons Why You Need an Independent SOAR Vendor

SOAR

by Walker Banerd - November 17, 2020

As the market for security orchestration, automation, and response (SOAR) platforms has exploded in the past few years, many SOAR vendors have been acquired by larger technology companies. Others have stayed independent. This split has added a new factor for SOAR buyers to consider, as Gartner cover...

D3 Strengthens Cloud Security Partnerships for Security Automation at Scale

SOAR

by Walker Banerd - November 3, 2020

Cloud security is becoming an increasingly important aspect of organizations’ overall security posture, but cloud security tools don’t always fit seamlessly with locally hosted security stacks. As SOAR moves into its next generation, it needs to be the solution that unites cloud and locally hosted s...

What’s New in the Latest Version of D3 NextGen SOAR

SOAR

by Walker Banerd - October 23, 2020

We are always making improvements to our NextGen SOAR platform, and we recently released a major new update for all of our clients. There are a lot of exciting updates, which can be summarized in a few key themes: Simpler integrations and playbooks. We’ve completely overhauled our playbook editor to...

The Top 10 Reasons Organizations are Choosing D3 SOAR Over its Competitors

SOAR

by Walker Banerd - October 6, 2020

The D3 customer base has been growing rapidly, especially in the past couple of years. Major new clients are signing on, existing clients are expanding their services, and our partners around the world are having great success connecting D3 with their clients. It’s been an exciting time. While the S...

8 Things Gartner Gets Right About SOAR (And 1 Thing They Get Wrong)

Reports ,
SOAR

by Alex MacLachlan - September 30, 2020

Gartner’s 2020 Market Guide for Security Orchestration, Automation and Response Solutions (Lawson, Bussa & Sadowski, September 21, 2020) was only released a few days ago, but it’s already become one of the most sought-after resources for security professionals evaluating SOAR. You can download y...

Cyber Incident Response and Beyond: 6 Ways D3 Helps You Manage the Full Scope of an Incident

Compliance ,
Forensics
Human Resources
Incident Response
SOAR

by Walker Banerd - September 21, 2020

Many SOAR platforms do a good job automating actions through playbooks that cover the basic security tasks needed to remediate simple threats. However, D3 has been in the incident response game since long before the acronym SOAR was even coined, and we have learned in our years of working with many ...

ITOps and DevOps Automation Insights from Datadog’s Virtual Conference

Events

by Walker Banerd - September 11, 2020

In August, we joined our friends at Datadog for the first-ever virtual version of their Dash Conference. While a virtual conference can’t match the excitement of getting out in the world to congregate with thousands of DevOps, incident response, and cloud industry peers, Datadog did a great job with...

Join D3 at Datadog’s Dash Virtual Conference

Events ,
News

by Walker Banerd - August 10, 2020

Because of the ongoing Coronavirus pandemic, industry conferences have unfortunately been on hold for many months. However, our partners at Datadog have completely reimagined their Dash conference as an entirely online event, happening August 11th, and it’s free for anyone to attend! We’re excited t...

5 Ways D3 SOAR Can Help You Prioritize Incidents

SOAR

by Walker Banerd - July 28, 2020

In almost any SOC, there are more incidents than can be properly investigated. Even with effective rules in your SIEM and other detection tools that rule out the majority of false positives and low-risk events, incident responders are still often overwhelmed with a never-ending queue. SOAR can bring...

D3 Joins the Microsoft Intelligent Security Association

News ,
SOAR

by Walker Banerd - July 24, 2020

(Update: 5/3/2022) Read D3’s Article on the MISA Security Blog Since we initially published this article, we’ve further developed our collaboration with Microsoft. We now offer 33 integrations with Microsoft tools. D3 SOAR automated incident response playbooks can orchestrate across Azur...

D3 Appoints Spire Solutions as Distributor of NextGen SOAR in Middle East and Africa

News ,
SOAR

by Walker Banerd - June 29, 2020

D3 Security, provider of the leading next-generation SOAR platform, today announced it has appointed Spire Solutions, the Middle East’s preferred security partner, as a value-added distributor in the Middle East and Africa. Under this partnership, Spire Solutions will support the distribution of D3 ...

D3 and Check Point Partner to Help Customers Respond to the Next Generation of Cyber Threats

News ,
SOAR

by Walker Banerd - June 25, 2020

Vancouver, BC—June 25, 2020—D3 Security, the leader in next-generation security orchestration, automation and response (SOAR), today announced a new partnership with Check Point Software Technologies Ltd., a leading provider of cyber security solutions globally, to help security teams automate and o...

10 Reasons to Use MITRE ATT&CK (and how to get started)

MITRE ATT&CK

by Walker Banerd - June 16, 2020

We recently released our exclusive Ebook MITRE ATT&CK For Dummies. It’s a definitive resource about why ATT&CK is so valuable and how to use it in your security operations. The topic is of great interest to us at D3 because of how deeply embedded ATT&CK is in our SOAR platform. In this b...

Three Reasons to Get Excited About D3’s Partnership with Datadog

SOAR

by Walker Banerd - June 12, 2020

We are very happy to announce our new partnership with Datadog, the essential monitoring platform for cloud applications. Datadog brings together data from servers, containers, databases, and third-party services to make customers’ stacks entirely observable. With 85% of enterprises moving their app...

Does D3 Integrate With My Security Tools? (Fortinet, McAfee, Symantec, CrowdStrike, Splunk, and More)

SOAR

by Walker Banerd - June 5, 2020

Integrations are critical to the value you will get out of a SOAR platform. You’ll want a platform that integrates with the security tools you use of course, but not all integrations are created equal, so you’ll also want to ensure that those integrations are feature-rich and don’t require you to do...

MITRE ATT&CK For Dummies

MITRE ATT&CK ,
SOAR

by Walker Banerd - May 7, 2020

Everyone knows the “For Dummies” series of books. In fact, I’d wager you’ve read several over the years when you needed to learn about a new topic in an accessible but informative way. I know I have. That’s why I’m excited to announce that D3 has teamed up with the folks behind the “Dummies” books [...

D3 Partners with Chronicle to Combine Security Analytics and Orchestration

News

by Walker Banerd - April 22, 2020

We are pleased to announce that D3 has joined Chronicle’s network of technology partners as an Index Partner. Chronicle will also join the D3 CONNECT partner program. The partnership will be supported by a robust integration between D3’s next-generation SOAR platform and Chronicle’s cloud-based secu...

D3 Security Wins Frost & Sullivan’s 2020 Global Customer Value Leadership Award

News

by Walker Banerd - April 21, 2020

Frost & Sullivan, a globally renowned business consulting and research firm, recently recognized D3 Security with their 2020 Global Customer Value Leadership Award for helping customers streamline and automate their security operations. The award is based on Frost & Sullivan’s analysis of th...

Download Gartner’s Tips for Selecting the Right Tools for Your SOC

Reports

by Walker Banerd - April 3, 2020

Earlier this year, Gartner published some great recommendations around purchasing security tools (Tips for Selecting the Right Tools for Your Security Operations Center; Bussa & D’Hoinne, January 23, 2020), written by Toby Bussa and Jeremy D’Hoinne. We’re very happy to be offering the document a...

What is Hybrid Cloud Security?

Industry ,
SOAR

by Walker Banerd - March 27, 2020

Hybrid Cloud Security describes the unique process of applying cybersecurity tactics and methods to environments that are split across multiple types of cloud resources. Typically, hybrid cloud environments include are a private cloud, which a company generally operates and hosts on-premise, and a p...

D3 Offers COVID-19 Pandemic Response Tool

Events ,
Incident Response
News

by Alex MacLachlan - March 25, 2020

D3 can help. The Coronavirus or COVID-19 pandemic is a challenge that is evolving rapidly for our customers, and for every organization worldwide. We know that you are facing the disruption and uncertainty head-on. That’s why at D3, we have marshaled our resources and created a solution to hel...

See D3’s Next-Generation SOAR at RSA Conference 2020

Events ,
News

by Walker Banerd - February 10, 2020

The D3 team is excited to be gearing up for one of the biggest cybersecurity events of the year: RSA Conference 2020. We’ve been attending the conference for many years, and we always come back inspired by the partners, clients, and industry leaders we cross paths with at the event. RSA Conference 2...

Next-Generation SOAR: Codeless Playbooks and Integrations

SOAR

by Walker Banerd - January 31, 2020

Nearly all security operations centers (SOCs) with SOAR have learned that their playbooks and integrations require more maintenance than expected. That’s because SOAR playbooks must be manually updated, often using Python, whenever a data source or integration point changes. If your SOC has dozens o...

Why Integrations are Easier with D3 SOAR

SOAR

by Walker Banerd - January 23, 2020

While SOAR platforms can do a lot of things, their effectiveness will be largely contingent on how well they integrate with their clients’ security infrastructure. That’s why D3 integrates with more than 260 applications in order to orchestrate more than 400 different actions. Integrating with D3 ha...

D3 SOAR 2.0 Release Announcement

MITRE ATT&CK ,
News
SOAR

by Walker Banerd - January 15, 2020

We are proud to announce the release of our most ambitious and innovative project yet: D3 SOAR 2.0. While it may be a bold claim to make, we truly see this new release as pushing the SOAR market forward with both improvements to previous capabilities and entirely new capabilities that no other platf...

3 Things You Can Do With Next Generation SOAR That You Couldn’t Do Before

MITRE ATT&CK ,
SOAR

by Walker Banerd - January 10, 2020

When you’ve been in the industry as long as D3, you see a lot of evolution in software capabilities. In the early years, it was all about incident response and case management. Playbooks were entirely manual, and integrations were a secondary aspect of the solutions on the market at that time. Next,...

Common Obstacles to Leveraging MITRE ATT&CK and How D3 Can Help

MITRE ATT&CK ,
SOAR

by Walker Banerd - December 21, 2019

It is widely agreed upon in the security world that the MITRE ATT&CK Framework is a valuable tool for security teams to wield in their never-ending fight against sophisticated adversaries. Among other benefits, ATT&CK brings “behavior-based” (as opposed to “signature-based”) detection into t...

How MITRE ATT&CK Enhances Gartner’s Value Categories of SOAR Solutions

MITRE ATT&CK ,
SOAR

by Walker Banerd - December 13, 2019

Toward the end of 2018, Gartner published its Emerging Technology Analysis of SOAR solutions (Ahm, December 7, 2018). In this piece, the author laid out three “value categories” for SOAR that represent the different varieties of value of which all SOAR solutions offer some combination. In the year s...

5 Takeaways from D3’s “SOAR in the Real World” Survey

SOAR

by Walker Banerd - November 14, 2019

D3 recently teamed up with Virtual Intelligence Briefing (ViB), an online community of more than one million technology professionals, to conduct a detailed survey about how SOAR technology is used and perceived by the people on the front lines of cybersecurity. Our sample included hundreds of secu...

Where to Start With Incident Response Automation

SOAR

by Walker Banerd - November 1, 2019

Lots of valuable opportunities for incident response automation are available to security teams, especially when leveraging a SOAR platform. While most security teams are already using some amount of automation, extensive automation in the SOC is still quite rare. In fact, we confirmed this in a rec...

Why Do I Need SOAR if I Have… (SIEM, ITSM, TIP, EDR)

SOAR

by Walker Banerd - October 17, 2019

As a relatively new category of security tools, there are lots of misconceptions around Security Orchestration, Automation, and Response (SOAR). Some of this confusion is around what types of SOCs will benefit most from SOAR. It is understandable to think that a SOC that already has numerous securit...

Visit D3 at Splunk .conf19

Events

by Walker Banerd - October 16, 2019

As we have for the past several years, the D3 team will be attending Splunk’s annual conference next week. This year’s event is called Splunk .conf19, and it will take place at the Venetian Sands Expo in Las Vegas from October 22-24. We’re excited to be attending again this year and we have a lot [&...

How to Leverage MITRE ATT&CK in Your Security Operations with D3 SOAR

MITRE ATT&CK ,
SOAR

by Walker Banerd - September 27, 2019

The MITRE ATT&CK matrix has gained widespread recognition in the security industry for its valuable data on adversary groups, and the tactics and techniques they use to target organizations. However, there is a gap between recognizing the value of this data and being able to leverage it for impr...

4 SOAR Purchasing Mistakes to Watch Out For

SOAR

by Walker Banerd - September 20, 2019

Purchasing a security orchestration, automation, and response (SOAR) platform is a major decision. If you make the right choice, this powerful technology can become the heart of your security operations, intaking data from across your environment and orchestrating workflows to shut down threats. Ho...

D3 CONNECTED Global Sales Channel and Partner Program Demonstrates Significant Growth in Q2 2019

News

by Walker Banerd - September 17, 2019

VANCOUVER, British Columbia–D3 Security, an innovator in security orchestration, automation and response (SOAR) technology, today announced that their CONNECTED Global Sales Channel and Partner Program has experienced significant growth since its inception in October of last year. Coming off c...

Sherlock in the SOC—SecurityWeek

Incident Response

by Walker Banerd - August 19, 2019

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. The character Sherlock Holmes once said, “There is a strong family resemblance about misdeeds, and if you have all the details of a thousand at your finger ends, it is odd if you can&#...

Data Breach of the Month: City Power

Data Breach

by Walker Banerd - August 13, 2019

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

How SOAR Can Help Support the Transition of IT Staff to Security Operations

SOAR

by Walker Banerd - August 8, 2019

Because of the well-documented cybersecurity skills gap, it has become a significant trend for organizations to rely on IT personnel to transition to security operations or to take on additional security responsibilities. This is a difficult transition for both the employees and the organization tha...

D3 Security Creates First Proactive Response Platform Using MITRE ATT&CK Framework

News

by Walker Banerd - July 24, 2019

VANCOUVER, British Columbia–D3 Security, an innovator in security orchestration, automation and response (SOAR) technology, has released Attack Investigator, a unique solution that utilizes the MITRE ATT&CK framework to identify and address the entire kill chain of complex attacks. Attack ...

Assessing and Demonstrating the Value of Security Automation Platforms

SOAR

by Walker Banerd - July 24, 2019

It’s easy for the people on the front lines of security operations to see how adding security automation makes their lives easier and their organizations safer. However, SOC managers still need to be able to quantify the value of automation to senior executives and other stakeholders through SOAR re...

Why Incident Response Must Adopt a Kill Chain Perspective—SecurityWeek

SOAR

by Walker Banerd - July 19, 2019

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Emerging technology is enabling incident response tools—including SOAR platforms like D3—to go beyond individual alerts and address complex attacks holistically. This welcome change re...

Download Gartner’s 2019 Market Guide for SOAR Solutions

SOAR

by Walker Banerd - July 10, 2019

Note: Download the 2019 Gartner Market Guide for Security Orchestration, Automation and Response Solutions here. Gartner recently published its first ever Market Guide for Security Orchestration, Automation and Response Solutions, written by Claudio Neiva, Craig Lawson, Toby Bussa, and Gorka Sadowsk...

Data Breach of the Month: NASA

Data Breach

by Walker Banerd - July 5, 2019

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Security Operations Gap Analysis with MITRE ATT&CK

SOAR

by Walker Banerd - July 5, 2019

The MITRE ATT&CK framework is rapidly growing in popularity among security leaders for many reasons. Among the numerous applications of ATT&CK, many companies are using ATT&CK to identify gaps in their security and what they have covered with their existing tools. For those who are unfam...

SANS Automation & Integration Survey: Closer Collaboration Enables More Automation

Incident Response ,
SOAR

by Walker Banerd - June 20, 2019

D3 recently sponsored the 2019 SANS Security Automation & SOC Integration Survey. The detailed survey compiled responses from 218 professionals involved in cybersecurity practices. The survey is an excellent resource that provides insight into how security automation is perceived, how organizati...

Breach of the Month: Fast Retailing

Data Breach

by Walker Banerd - June 7, 2019

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

How D3 Uses the MITRE Framework to Enhance Phishing Investigations

Incident Response ,
SOAR

by Walker Banerd - May 31, 2019

To empower organizations in the fight against advance persistent threats and sophisticated adversaries, SOAR platforms must evolve beyond the linear process of ingesting alerts and automating simple response actions. This is why D3 has fully embedded the MITRE ATT&CK framework into its SOAR plat...

D3 Supports Every Tier of SOC Analysts

Incident Response ,
SOAR

by Walker Banerd - May 17, 2019

In a security operation center (SOC), analysts are often categorized into four tiers, each with different roles and responsibilities. The definition of each tier varies a bit, depending on who you ask, but a generally accepted description of a Tier 1 analyst would be someone who monitors alerts from...

2019 SANS Automation & Integration Survey: 5 Misconceptions About Security Automation

Industry ,
SOAR

by Walker Banerd - May 10, 2019

D3 recently sponsored the 2019 SANS Security Automation & SOC Integration Survey. The detailed survey compiled responses from 218 professionals involved in cybersecurity practices. The survey is an excellent resource that provides insight into how security automation is perceived, how organizati...

Data Breach of the Month: FBI National Academy Associates

Data Breach

by Walker Banerd - May 7, 2019

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Level the Playing Field with MITRE ATT&CK—SecurityWeek

SOAR

by Walker Banerd - May 4, 2019

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. The MITRE ATT&CK framework is rapidly gaining adoption as a valuable way for security teams to categorize, predict, and disrupt adversaries’ actions. That’s why D3 has embedded the...

SOAR for Fortinet: Why D3 is the Perfect Fit

SOAR

by Walker Banerd - April 23, 2019

Security orchestration, automation, and response (SOAR) platforms are a force multiplier in the SOC because of how they make other security tools more effective. This is especially true when you combine D3 SOAR with the Fortinet Security Fabric. With this unique partnership, you don’t just get certi...

How D3 Uses the MITRE ATT&CK Framework for Intelligent Correlation (VIDEO)

SOAR

by Walker Banerd - April 17, 2019

D3 SOAR is making the transition from event-based response to intelligent, intent-based response. This means that D3 users will be able to see every security event in the context of adversarial intent, by correlating events with other traces of the same attack. This allows security teams to take a m...

D3 Security Joins Symantec Technology Integration Partner Program

News ,
SOAR

by Alex MacLachlan - April 11, 2019

MOUNTAIN VIEW, Calif.– D3 Security today announced it has joined the Symantec Technology Integration Partner Program (TIPP), a global ecosystem composed of more than 100 participating technology companies, in a collaborative effort to combat cyber-crime and secure the cloud generation. As part...

Data Breach of the Month: Jackson County

Data Breach ,
SOAR

by Walker Banerd - April 8, 2019

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest state-sponsored mega breach, and other times we’ll focus on a lesser known incident that has outsized implications fo...

D3 Security and SANS Survey Illustrates the Need for Security Automation to Stabilize the Resource and Skills Gap

News ,
SOAR

by Alex MacLachlan - April 3, 2019

Vancouver, British Columbia – April 3, 2019 – D3 Security, an innovator in security orchestration, automation and response (SOAR) technology, today announced the results of the 2019 SOC Automation and Integration Survey, executed by SANS. The D3-sponsored study surveyed over 250 professionals with r...

D3 Security to Showcase D3 SOAR Platform at Accelerate 19

Events ,
News

by Alex MacLachlan - April 1, 2019

April 1, 2019 — D3 Security, a Fortinet partner, announced today that it will attend Accelerate 19, Fortinet’s annual global partner and user conference, to showcase its award-winning D3 Security Orchestration, Automation and Response (SOAR) Platform. D3 Security recently joined the Fortinet techn...

Moving from Event-Based to Intent-Based SOAR Using the MITRE ATT&CK Framework

Incident Response ,
SOAR

by Walker Banerd - March 28, 2019

We recently published a whitepaper detailing D3’s vision for the future of SOAR, and how we’re making it a reality. We’re calling it SOAR 2.0, and while that might sound grandiose, we think it reflects how important this step in the evolution of SOAR could be. You can download the whitepaper here to...

OSFI Incident Reporting Requirements: What You Need to Know

Compliance ,
Data Breach
Incident Response

by Walker Banerd - March 19, 2019

The Office of the Superintendent of Financial Institutions, a Canadian banking regulator, recently published an advisory regarding cyber security incident reporting, specifically, the imminent implementation of new rules around how and when technology and cyber security incidents must be reported. T...

SOAR Trends and Questions from RSAC 2019

Events ,
Incident Response
Industry
SOAR

by Alex MacLachlan - March 13, 2019

Just like at RSA Conference 2018, and 2017, it was great to connect with clients and partners at our booth and on the show floor this year, 2019. Some of the main differences this year were the sheer volume of clients we saw—which makes sense, since we closed deals with more than 50 Fortune 500 [&he...

Data Breach of the Month: UW Medicine

Data Breach

by Walker Banerd - March 12, 2019

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

D3 Security and Veracomp Partner to Provide SOAR Technology for Central and Eastern European Markets

News ,
SOAR

by Alex MacLachlan - March 12, 2019

Vancouver, British Columbia – D3 Security, a developer of award-winning security orchestration, automation and response (SOAR) solutions, today announced a strategic partnership with Veracomp, one of the largest IT distributors in Poland. Veracomp will play a key role in helping to expand the reach ...

D3 Security Wins Cyber Defense Magazine InfoSec Award and ISPG Global Excellence Award

News

by Alex MacLachlan - March 5, 2019

Vancouver, British Columbia – D3 Security, an innovator in Security Orchestration, Automation and Response (SOAR) technology, today announced its D3 SOAR platform has been named a winner in both the 2019 Cyber Defense Magazine InfoSec Awards and the 15th Annual Info Security Products Guide’s Global ...

Data Breach of the Month: Singapore Ministry of Health

Data Breach

by Walker Banerd - February 14, 2019

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Connect with D3’s SOAR Experts at RSA Conference 2019

Events ,
Incident Response
SOAR

by Alex MacLachlan - February 11, 2019

RSA Conference 2019, one of the cybersecurity world’s biggest events, is just a couple of weeks away, and our team is excited to return to San Francisco to show off our SOAR technology on the world stage. You can speak with our security orchestration experts and demo the D3 SOAR Platform at Booth #6...

Don’t Search for a Needle in a Haystack — SecurityWeek

Incident Response ,
SOAR

by Walker Banerd - February 8, 2019

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. The importance of threat intelligence to security operations is growing, as SOAR platforms and other tools get better and better at rapidly aggregating complex data from myriad sources...

5 Trend Reports Every SOC Should Track

Incident Response ,
Industry
SOAR

by Walker Banerd - January 14, 2019

By tracking specific metrics over time, trend reporting can establish a historical view of threats encountered, quantify SOC performance, and support smarter, more agile, and more data-driven incident response. Analyzing these reports can act as an early warning system to help identify threats and b...

Data Breach of the Month: EU Diplomatic Cables

Data Breach

by Walker Banerd - January 7, 2019

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Pitfalls (and Best Practices) of SOAR Implementation

SOAR

by Walker Banerd - January 3, 2019

Our recent webinar, How to Prepare for Cyber Security Orchestration, was designed to help security folks understand what is needed to prepare your SOC for security orchestration, automation, and response technology. For those who are further along in the process, many questions remain regarding impl...

What Makes D3 Playbooks Different

Incident Response ,
SOAR

by Walker Banerd - December 20, 2018

What Makes D3 Playbooks Different Incident response playbooks are needed to help enterprises respond effectively, consistently, and in line with security and compliance obligations. For many years, these playbooks were sets of manual, print-based documents. This often led to inconsistencies and the ...

See D3’s Award-Winning Technology at the SINET Showcase

Events ,
News

by Alex MacLachlan - December 14, 2018

Named one of the world’s most innovative cyber security companies by the Security Innovation Network (SINET), D3 President and Founder Gordon Benoit was invited to speak about D3’s security orchestration, automation and response (SOAR) technology at the SINET Innovation Showcase at the N...

D3 Security Integrates with McAfee Enterprise Security Manager (ESM)

Incident Response ,
News
SOAR

by Alex MacLachlan - December 4, 2018

VANCOUVER, British Columbia – D3 Security, an innovator in Security Orchestration, Automation and Response (SOAR) technology, today announced that it has achieved technical integration of the D3 SOAR Platform with the McAfee® Enterprise Security Manager (ESM), enabling accelerated threat detec...

Data Breach of the Month: Jones Eye Clinic

Data Breach

by Walker Banerd - December 3, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big security breach, and other times we’ll focus on a lesser known incident that has outsized implications for the se...

Data Breach of the Month: Cathay Pacific

Data Breach

by Walker Banerd - November 9, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Back to Basics: Incident Response Planning 101

Incident Response ,
SOAR

by Walker Banerd - November 5, 2018

A recent survey of 4,100 cybersecurity pros by the international insurance company Hiscox reported that 73% of organizations are unprepared for a cyberattack. That’s a startling statistic because the global enactment of strict regulations requires organizations to quickly identify security incidents...

Seven Security Activities You Should Automate — SecurityWeek

Incident Response ,
SOAR

by Walker Banerd - October 17, 2018

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Security automation is often sold based on the promise of helping security teams save time and act faster. While these benefits are real, there are also many other use cases for automa...

Data Breach of the Month: NCIX

Data Breach

by Walker Banerd - October 17, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

D3 Named Top Security Automation Solution

Incident Response ,
News
SOAR

by Alex MacLachlan - October 2, 2018

VANCOUVER, British Columbia – D3 Security, a developer of award-winning security orchestration, automation and response (SOAR) solutions, today announced that they have been named CyberSecurity Breakthrough’s 2018 Security Automation Solution of the Year. This year’s competition drew over 3,00...

D3 at Splunk .conf18

Events

by Walker Banerd - September 28, 2018

The D3 team is about to head to Orlando, Florida for Splunk .conf18, taking place from October 1-4. We’ve been attending the conference for several years now, and it’s always a fun and informative event. If you’re going to be there, we hope you’ll come visit us at Booth M35. At our booth, you can [&...

D3 Security Named SINET 16 Innovator for 2018

News

by Alex MacLachlan - September 25, 2018

VANCOUVER, British Columbia — D3 Security, a developer of award-winning security orchestration, automation and response (SOAR) solutions, today announced that the Security Innovation Network (SINET) has named the company a SINET 16 Innovator for its 2018 competition. Each year, SINET receives hundre...

Preparing for SOAR: Join the Webinar from D3 and EMA

Incident Response ,
SOAR

by Walker Banerd - September 19, 2018

Security orchestration and automation aren’t just the future of security operations; they’re the present. If you aren’t already using these powerful technologies in your SOC, you’ll need to implement them soon. Are you prepared? Join experts from D3 and EMA for an exclusive webinar on how to prepare...

How Automation Helps Security Managers—SecurityWeek

Incident Response ,
SOAR

by Walker Banerd - September 12, 2018

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. It’s often discussed how automation benefits analysts , making them faster and better informed in their work. What gets talked about less is that security managers also get significant...

Data Breach of the Month: Adams County

Data Breach

by Walker Banerd - September 11, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

D3 Announces Certified Integration with McAfee ESM

SOAR

by Walker Banerd - August 27, 2018

We are pleased to announce that D3’s integration with McAfee Enterprise Security Manager (ESM) has been certified by McAfee. The integration brings together D3’s industry-leading security orchestration, automation, and response (SOAR) platform with McAfee’s powerful SIEM with a host of features to s...

Getting off the Ground with SOAR—SecurityWeek

Incident Response ,
SOAR

by Walker Banerd - August 17, 2018

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Something we often hear from prospective customers is that they don’t have any substantial incident response program in place and are apprehensive about jumping straight into implement...

D3 Closes Fiscal Year 2018 with Record Growth

News

by Alex MacLachlan - August 9, 2018

VANCOUVER, British Columbia – D3 Security, a developer of award-winning security orchestration, automation and response (SOAR) solutions, today announced record-breaking growth in both revenue and active enterprise customers. This growth includes new bookings from more than 50 of the Fortune 500, ad...

Data Breach of the Month: Timehop

Data Breach

by Walker Banerd - August 8, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

The Evolution of SOAR Platforms — SecurityWeek

Incident Response ,
SOAR

by Walker Banerd - July 30, 2018

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. D3 is part of an evolution in security operations platforms that is now commonly referred to as SOAR (security orchestration, automation, and response). Demand for SOAR is undeniably a...

Threat Intelligence Use Cases

Incident Response ,
SOAR

by Walker Banerd - July 18, 2018

Threat intelligence is becoming an increasingly prominent element of security operations. In fact, Gartner predicts a 15x increase in the number of large enterprises using commercial threat intelligence by 2020. Threat intelligence comes in many forms, with numerous vendors and several distinct use ...

Data Breach of the Month: PageUp

Data Breach

by Walker Banerd - July 9, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

SOAR Like An Eagle: The Key to Fast and Full-Lifecycle Incident Response

Incident Response ,
SOAR

by Alex MacLachlan - June 28, 2018

Senior Principal Analyst and ESG Fellow, Jon Oltsik, recently reported on security orchestration, automation and response (SOAR) platforms in two articles for CSO Magazine. You can read them here and here. Notably, Jon found that platforms like D3 Security are driving SOAR’s evolution, by combining ...

How Much Does a Data Breach Really Cost You?

Compliance ,
Data Breach
Incident Response
Industry
SOAR

by Denis Barnett - June 25, 2018

“If you protect your paper clips and diamonds with equal vigor, you will soon have more paper clips and fewer diamonds.” – Dean Rusk, former US Secretary of State Do you know how much your organization stands to lose if it were to suffer a data breach? Even the legendary Warren Buffet h...

How SOAR Makes a Security Analyst More Impactful

Incident Response ,
SOAR

by Walker Banerd - June 20, 2018

Security orchestration, automation, and response (SOAR) solutions are valuable for everyone on a security team, from people on the front lines to managers and executives tracking reports and metrics from a birds-eye view, or even compliance and legal personnel working outside the SOC. Of all the rol...

Infosec Europe 2018 Recap

Incident Response ,
SOAR

by Stan Engelbrecht - June 13, 2018

Last week, D3 sponsored the InfoSecurity Europe trade show at the Olympia in London. “InfoSec” is Europe’s top cyber security trade show, with every imaginable product and service represented, including our award-winning Security Orchestration, Automation, and Incident Response platform, known as SO...

Why Modern Manufacturers Need Cyber Incident Response

Forensics ,
Incident Response
Industry
SOAR

by Walker Banerd - June 12, 2018

Despite the constant news about cyber threats and the growth in major breaches, many companies are overly focused on prevention, while overlooking incident response and handling practices. With today’s environment of an increasing attack surface, numerous security tools, overworked analysts, and a n...

Data Breach of the Month: Rail Europe North America

Data Breach ,
Industry

by Walker Banerd - June 11, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

5 Strategies for Extending SOAR Beyond the SOC —SecurityWeek

Incident Response ,
SOAR

by Walker Banerd - June 11, 2018

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Automation and orchestration are top of mind for much of the security industry these days, and the past few years have seen great advances in how they can be applied to the rapid analy...

D3 Security to Attend Infosecurity Europe 2018

Events ,
News

by Alex MacLachlan - June 4, 2018

VANCOUVER, British Columbia – D3 Security, a developer of award-winning security orchestration, automation and response (SOAR) solutions for the Fortune 500, today announced their attendance at Infosecurity Europe. The conference, to be held in Olympia, London from June 5-7, will draw more than 20,0...

D3 at Infosecurity Europe 2018

Compliance ,
Data Breach
Incident Response
SOAR

by Alex MacLachlan - May 31, 2018

The D3 team is getting ready to fly to the UK for Infosecurity Europe 2018, taking place June 5-7 in London. It’s the largest information security event in Europe, so we’re excited to show off our latest innovations, connect with security professionals from around the world, and learn about how info...

Quick Guide to GDPR [Infographic]

Compliance ,
Data Breach

by Walker Banerd - May 28, 2018

After much speculation, analysis, and companies scrambling to update their privacy policies, GDPR finally became widely enforceable last week. Despite all the commotion, a lot of people still don’t know though the basic facts of GDPR: what it is, who it applies to, and what it requires for complianc...

Why Companies Need to Centralize Security Operations: Part 2

Compliance ,
Data Breach
Forensics
Incident Response
Industry
SOAR

by Walker Banerd - May 10, 2018

In Part 1, we looked at the status quo of security systems as they are used in organizations, the reality that automation should be a baseline rather than a novelty in today’s security landscape, and we explored why centralization is essential. In Part 2 below, let’s look at how and why organization...

Data Breach of the Month: Panera Bread

Data Breach

by Walker Banerd - May 7, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

2018 GDPR Compliance Report

Compliance ,
Data Breach
Incident Response

by Alex MacLachlan - May 3, 2018

D3 Security is a sponsor of the newly released 2018 GDPR Compliance Report. The report was produced by Cybersecurity Insiders, and comprises results from a survey of more than 500 IT, cybersecurity, and compliance professionals about how their organizations are readying themselves for GDPR, which ta...

Why Companies Need to Centralize Security Operations: Part 1

Compliance ,
Data Breach
Incident Response
Industry
SOAR

by Walker Banerd - May 2, 2018

Enterprises need a centralized security solution: a system that connects the infrastructure to allow seamless bidirectional data flow between each system and the enterprise security control center. Despite digital applications permeating nearly every aspect of our lives, many enterprises’ daily proc...

RSA 2018 Recap: Show Me the Orchestration (and the Metrics)

Events ,
Incident Response
SOAR

by Stan Engelbrecht - April 24, 2018

In the cybersecurity world, it’s hard to think of an event more important than each year’s RSA conference. No other event gives us the chance to engage with customers, prospects, partners and industry analysts, the way RSA does. From our perspective as a vendor, it seems that each year has a bit of ...

Why Mass Transit Could Be the Next Big Cyber Target — SecurityWeek

Data Breach ,
Incident Response
Industry

by Walker Banerd - April 17, 2018

A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Cyber attacks can cluster around certain industries for a period of time, once a particular method of attack has proven to be successful. Examples in recent years include ransomware in...

Where the World Talks Security – RSA 2018

Compliance ,
Events
News
SOAR

by Alex MacLachlan - April 16, 2018

It’s that time of year again! Our team is on its way to San Francisco to take part in the world’s leading cybersecurity event, the 2018 RSA Conference. D3 Security will be joining the ranks of those standing against cyber threats and we are eager to connect with like-minded industry professionals to...

Data Breach of the Month: City of Atlanta

Data Breach ,
Industry

by Walker Banerd - April 4, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Standardize HR Procedures to Eliminate Biased Investigations

Compliance ,
Human Resources

by Walker Banerd - March 29, 2018

The impact of an HR scandal can compound when it is not handled properly, creating additional reputational and financial damage to an organization. This is why HR case management is such an important asset for enterprise HR teams. Using D3’s HR platform, you can put your investigations “on-rails”, s...

How IR Platforms Can Help You Meet GDPR Reporting Timelines

Compliance ,
Data Breach
Incident Response

by Walker Banerd - March 20, 2018

With the dawn of the GDPR era just weeks away, impacted organizations around the world are scrambling to determine the tools they need to achieve compliance and dodge massive fines. As a developer of incident response solutions, we’ve been digging into GDPR to see how we can help. We’ve determined t...

Winning Best Security Automation Platform Was Just the Beginning

Incident Response ,
Industry
SOAR

by Alex MacLachlan - March 8, 2018

While it might not be as glamorous as the Oscars, the cybersecurity industry has its own awards season, culminating in the red-carpet SC Awards during the RSA conference in April. So far in 2018, D3 Security has had a remarkable awards season, with our Incident Response Automation Platform earning t...

Data Breach of the Month: Decatur County General Hospital

Data Breach ,
Industry

by Walker Banerd - March 8, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

D3 Cyber Incident Response Product Guide

Incident Response ,
SOAR

by Walker Banerd - March 5, 2018

D3 has a truly unique cyber incident response offering, which makes it hard to classify—let alone do justice with a quick explanation. This is why we’ve written a comprehensive guide that takes you through the entire product journey. D3’s full-lifecycle capabilities are what sets it apart, so the pr...

What Are the Incident Response Phases?

Forensics ,
Incident Response

by Walker Banerd - February 22, 2018

In our line of work, we find that IT and security professionals often forget that incident response (IR) is a process, and not a singular action. Not building and coordinating the steps of incident response correctly within your IR plan will render it useless, making serious incidents like ransomwar...

High Tensions Often Cause Incident Response to be Derailed — SecurityWeek

Incident Response

by Walker Banerd - February 19, 2018

The latest article in the series written by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Stan’s three-part series covers the important incident response steps that many companies overlook. In this excerpt from the article, Stan describes the impo...

D3 Security Launches Guided Case Management

Forensics ,
Incident Response
News

by Walker Banerd - February 13, 2018

One of the things that sets D3 apart is the deep case management functionality we provide as part of our full-lifecycle incident response solution. We are excited to announce that we have built on that strength with a totally reimagined Guided Case Management module, which will bring unprecedented l...

Data Breach of the Month: Oklahoma State University Center of Health Sciences

Data Breach

by Walker Banerd - February 5, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

D3 Security Honored as SC Media 2018 Trust Award Finalist

News

by Walker Banerd - January 25, 2018

VANCOUVER, British Columbia – D3 Security, a developer of incident response and case management solutions for Fortune 500 companies, announced today that their Digital Forensics Case Management System has been recognized as a Trust Award finalist in the Best Computer Forensic Solution category for t...

Strong Incident Response Starts with Careful Preparation- SecurityWeek

Incident Response

by Stan Engelbrecht - January 19, 2018

An article written by the Director of D3’s Cyber Security Practice, Stan Engelbrecht, is currently featured on SecurityWeek. Stan’s article is the first in a three-part series on often-overlooked steps in the incident response process. The following is a brief excerpt from the article. H...

Is Your HR Department Ready for the Standards of the #MeToo Era?

Human Resources

by Walker Banerd - January 16, 2018

Get the white paper here. The Wave of Change The reckoning began with the downfall of Harvey Weinstein, and rapidly spread throughout entertainment and government, toppling hugely prominent and powerful figures along the way. Now the conclusion is clear: the culture has shifted, and sexual harassmen...

Incident Response: What to Automate (and Why)

Incident Response ,
SOAR

by Walker Banerd - January 11, 2018

Let’s get one thing straight: Security automation and orchestration are at the heart of D3’s Incident Management Platform. Our platform’s security automation features streamline the investigation and context-gathering aspects of response, and also provide automated actions, such as blocking IPs and ...

Data Breach of the Month: NiceHash

Data Breach

by Walker Banerd - January 8, 2018

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Avoiding Cyber Crime During the Holidays

Data Breach

by Walker Banerd - December 20, 2017

We all can’t help but do more shopping than usual around the holidays, and cybercriminals know this. Especially with the popularity of online shopping, there are huge opportunities for unscrupulous scammers, hackers, and other crooks to take advantage of the high volume of transactions and urgency o...

Managing Financial Crime with D3

Forensics ,
Incident Response
Industry

by Walker Banerd - December 14, 2017

The Challenge: Dealing with crime is nothing new for financial institutions. The lucrative target they present has always inspired innovation and persistence among thieves, fraudsters, and other criminals, but the digital era is increasing the potential attack surface to a previously unthinkable deg...

Data Breach of the Month: Imgur

Data Breach

by Walker Banerd - December 7, 2017

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Key Findings from Five Major Cybersecurity Reports

Compliance ,
Data Breach
Incident Response
Industry
SOAR

by Walker Banerd - November 29, 2017

At D3, we are always evolving our products to meet the needs of our customers and stay on the forefront of cyber incident response technology. This requires us to always be informed on the latest industry research, in order to understand the present and future of incident response, and where our sol...

D3 Incident Response Platform Integrations: VirusTotal and DomainTools

SOAR

by Walker Banerd - November 23, 2017

Knowledge is power. The phrase is especially true in the context of an enterprise SOC, where limited information can lead to hours wasted investigating a meaningless alert, or worse, allowing a dangerous incident to slip by undetected. In the fast-paced world of cybersecurity incident response, how ...

Data Breach of the Month: Disqus User Data Exposed for Five Years

Data Breach

by Walker Banerd - November 14, 2017

Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...

Trump’s Twitter Disabled: Protecting Against Insider Threats

Data Breach ,
Incident Response

by Walker Banerd - November 6, 2017

For a few minutes on November 2nd, the most famous Twitter account in the world went offline. The account in question was of course @realdonaldtrump. Twitter was quick to attribute the incident to nonspecific “human error”, but soon after clarified that a rogue customer support employee deliberately...

See Your Response Plan in Action with D3’s Visual Playbook Editor

Incident Response ,
SOAR

by Walker Banerd - October 23, 2017

There are immediate benefits to simply having visual representations of your response plans. Incident response is complex. It often requires involvement from several internal groups, and by its nature, tends to be needed most during crises or other chaotic situations. Having visual playbooks helps y...

Data Breach of the Month: North Korea Steals USA War Plans

Data Breach

by Walker Banerd - October 23, 2017

Welcome to our first Data Breach of the Month post, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security ind...

Next-Generation Threat Management: White Paper and Webinar

Incident Response ,
SOAR

by Walker Banerd - October 16, 2017

We recently produced two significant pieces of thought leadership in collaboration with the Chertoff Group, which are both now available. The pieces—a white paper and a webinar—focus on the future of the incident response industry, looking at how vendors can evolve their solutions to support the cha...

New Report Details the Fight Against Ransomware

Incident Response ,
Industry
SOAR

by Walker Banerd - October 5, 2017

The 2017 Ransomware Report, a comprehensive study produced in partnership with D3 Security, was published on September 26. The report compiles survey answers collected by Crowd Research Partners from over 500 cybersecurity professionals to create a complete picture of ransomware in 2017, including h...

The Importance of Case Management for Digital Forensics

Forensics

by Stan Engelbrecht - October 2, 2017

D3 fills a significant gap by bringing true case management functionality to the typical digital forensics process. Many forensics suites have features that they refer to as case management, but their capabilities can only be applied to singular pieces of evidence; there is no “end-to-end” tracking ...

Why D3 is the “Perfect” Incident Response Platform for Splunk Users

Incident Response ,
SOAR

by Stan Engelbrecht - September 25, 2017

D3 is excited to support our partner Splunk as a Mega-level sponsor of .conf2017: The 8th Annual Splunk Conference. The conference—running from September 25-28 in Washington, DC—consistently draws some of the most innovative folks in the security business, and it’s one of our favorite places to con...

Avoiding Rigidity in Incident Response Automation

Incident Response ,
SOAR

by Walker Banerd - September 20, 2017

The idea that many analysts and CISOs are concerned about automating and orchestrating security actions should come as no surprise. After all, human decision-making leverages years of relevant experience and training, plus it can pivot on a dime, bringing valuable agility to the SOC. But the fact is...

How to Get More Value from Your Junior Security Analysts

Incident Response ,
SOAR

by Walker Banerd - September 14, 2017

There’s nothing better for your incident response program than an experienced security analyst. But these days, you’re lucky if you have more than one or two on your team, and with such high demand for their skills, it might not be feasible budget-wise to hire as many as you’d like. So if an all-sta...

The Equifax Breach: How Companies Can Respond to Major Security Incidents

Forensics ,
Incident Response

by Walker Banerd - September 8, 2017

The Most Damaging Data Breach Ever? Equifax, one of the largest American credit reporting agencies, announced yesterday that a data breach had exposed the personal data of 143 million customers. While not the largest data breach ever in terms of the number of records—that ignominious honor still goe...

Saving Valuable Time with Security Automation

Incident Response ,
SOAR

by Walker Banerd - September 6, 2017

Being chronically understaffed means that SOC and IR teams are hit doubly hard by sudden increases in the volume and sophistication of security alerts. Analysts on these teams must contend with dozens of systems and data sources, and largely manual investigative processes. This forces analysts to s...

Involving “Legal” in Incident Response: The Three Pillars

Compliance ,
Data Breach
Forensics
Incident Response

by Walker Banerd - August 30, 2017

As cybersecurity has become one of the defining issues of our era, it has intertwined with legal concerns to the point that the two can no longer be completely separated. Where it was once possible for security and legal teams to have minimal interaction, current laws, regulations, and the growing s...

D3 is the Most Popular Incident Management Software – ASIS Survey

Incident Response ,
Industry
Physical Security

by Alex MacLachlan - August 23, 2017

In ASIS International’s recently published Global Security Operations Communications Center (GSOCC) survey, almost half of respondents (41%) said they used D3 for incident management. The next most popular solution was used by 29%. This is an exciting result for us. ASIS is the leading professional ...

The Importance of Full-Lifecycle IR to Support Automation

Incident Response ,
SOAR

by Walker Banerd - August 15, 2017

Automation and orchestration have quickly become an integral part of incident response (IR), and grabbed the industry’s attention in the process. That’s because SOC and IR teams have long needed a way to keep up with daily barrages of advanced threats and alerts. But the shine of the spotlight has a...

5 Common Incident Response Problems that SOAR can Help Solve

Incident Response ,
SOAR

by Stan Engelbrecht - July 31, 2017

Most companies that are struggling with their incident response program fall into two categories: They don’t realize what their problems are, because they’ve always done things a certain way They know exactly what their problems are, but don’t have the resources to fix them Whichever category your c...

Cybersecurity Incident Response Buyer’s Guide

Incident Response ,
SOAR

by Walker Banerd - July 20, 2017

Sometimes it seems like you need to be a CISSP just to understand the variety of incident response platforms (IRPs) on the market. Cybersecurity incident response is still a relatively young industry, and the solutions on offer comprise a wide range of different functionality and technology. Compoun...

How to Avoid HIPAA’s Wall of Shame: Protecting Against Ransomware

Compliance ,
Data Breach
Incident Response
Industry

by Alex MacLachlan - July 13, 2017

The healthcare industry is a lucrative target for cybercriminals. Healthcare organizations are often laggards in adopting cybersecurity and data management best practices, a vulnerability that criminals have been quick to exploit. In the first half of 2017, 149 breaches have compromised nearly 2.7 m...

Understanding Automated Incident Response

Incident Response ,
SOAR

by Walker Banerd - July 7, 2017

If you’ve spent time evaluating cyber incident response platforms (IRPs), you’ve undoubtedly felt the hype surrounding automation and orchestration. And rightfully so. When applied correctly, automation and orchestration can drastically reduce incident response times and eliminate manual tasks—big p...

4 Ways Your IRP Can Help Reduce False Positives

Incident Response ,
SOAR

by Walker Banerd - June 30, 2017

False positives are to the security analyst what cats in trees are to the fire brigade: wasted time and a distraction from the real emergencies. So imagine if a firefighter had to deal with tens of thousands of cats in trees, the way an analyst does with false positives! There would be a lot of [&he...

Why Are Ransomware Attacks So Successful?

Incident Response ,
SOAR

by Alex MacLachlan - June 21, 2017

Ransomware helped cyber criminals pad their Bitcoin wallets with $1B in 2016, according to the FBI. The threat has continued unabated in 2017, with major attacks dominating the headlines and driving profits in excess of $5B. Compared to 2015 when “only” $325M was generated, ransomware has quickly m...

Delivering (and Measuring) Incident Response ROI

Incident Response ,
SOAR

by Walker Banerd - June 20, 2017

Let’s be honest: every vendor talks about how their incident response platform (IRP) can save you time, lower your costs, and reduce security risks. And they’re probably right; IRPs are valuable tools for almost any organization. However, there are several distinct approaches to designing an IRP, wh...

Work Smarter, Not Harder: 5 Steps to Streamlined Incident Response

Incident Response ,
SOAR

by Walker Banerd - June 2, 2017

It’s a common problem in any workplace: you get so caught up dealing with a constant stream of tasks that you never have the chance to evaluate how you’re going about them. This can go on for months or even years before someone takes a step back and realizes that implementing selected process improv...

How Vulnerable are Modern Cars to Hacking?

Data Breach ,
Industry

by Walker Banerd - May 30, 2017

The most recent film in the Fast & Furious franchise contained a memorable set piece in which a hacker remotely takes control of hundreds of cars, sending them racing through the crowded streets of Manhattan, dropping out of multi-story parking garages, and colliding in massive pileups. This mig...

Why an IT Ticketing System Won’t Work for Incident Response

Incident Response

by Walker Banerd - May 24, 2017

Cybersecurity incident response is a relatively young corporate function. So it’s no surprise that companies are trying to leverage tools they already have to manage incidents and assign tasks. For many organizations, this means trying to configure an incident management workflow into their IT ticke...

EU GDPR Data Breach Requirements: What You Need to Know

Compliance ,
Data Breach
Industry

by Stan Engelbrecht - May 19, 2017

On May 25, 2018, the General Data Protection Regulation (GDPR) will go into effect across the EU. The purpose of this regulation is to harmonize Europe’s regulatory environment by creating a ‘one-stop shop’ for data protection. The GDPR applies to European companies in all sectors, but also any busi...

5 Critical Steps for Your Cybersecurity Incident Response Plan

Incident Response

by Walker Banerd - May 12, 2017

While cybersecurity teams are generally overwhelmed these days, the moments after a major incident can be especially hectic. That’s why it’s critical to have an incident response plan in place, including workflows that are tailored to common threats like malware, DDoS, and many others. A good plan w...

Incident Response Platforms: 10 Features to Look For

Incident Response ,
SOAR

by Walker Banerd - May 8, 2017

Incident response platforms (IRPs) are powerful software solutions with wide-ranging feature sets. Many features are common across platforms, but each vendor has a unique approach to incident response, and the features they include or omit from their solution will reflect that perspective. At D3, we...

How to Establish and Build Upon Clery Act Compliance

Industry ,
Physical Security

by Walker Banerd - April 24, 2017

Since its introduction in 1990 following the brutal murder of Jeanne Clery, a freshman at Lehigh University in Pennsylvania, the Clery Act has posed reporting and compliance challenges to higher education institutions. Some of the common challenges include establishing the baseline reporting, and un...

Risks Affecting Point of Sale Terminals

Data Breach ,
Industry

by Walker Banerd - April 17, 2017

We recently published a briefing on the subject of securing ATM networks that includes a lot of information that will be valuable to banks, payment card companies, retailers, and any other organizations whose business involves ATMs. You can check out that document here. As a companion piece to the A...

Cyber SAR Requirements – What They Are And How We Can Help

Compliance ,
Incident Response

by Walker Banerd - April 13, 2017

In October, 2016, the Financial Crimes Enforcement Network (FinCEN) published an advisory regarding financial institutions’ obligations related to cyber crime. The key takeaway from the advisory is that suspicious activity reports (SARs) should be filed for cyber events, even when they do not result...

Hacking Hollywood: Cyber Security Threats in the Entertainment Industry

Data Breach ,
Incident Response
Industry

by Walker Banerd - April 5, 2017

The reach and profile of entertainment companies make them an attractive target for a diverse group of adversaries, each with their own motivations and methods. Insiders, content pirates, hacktivists, and state-sponsored attackers—all of these threats pose a tangible risk to the financial, legal and...

Meeting NERC CIP Requirements with a Centralized IRP

Compliance ,
Forensics
Incident Response
Industry
Physical Security

by Walker Banerd - March 29, 2017

The Critical Infrastructure Protection (CIP) program administered by the North American Electric Reliability Corporation (NERC) holds Utilities to a broad set of security standards in order to minimize risk to the power grid across North America. NERC CIP standards are comprehensive—encompassing cyb...

The True Cost of a Breach: Infographic

Data Breach ,
Incident Response

by Alex MacLachlan - March 24, 2017

We all know that security breaches can cost companies millions in regulatory fines and lost business. Plus, investigation and remediation costs can run into the millions of dollars, especially for attacks perpetrated by well organized adversaries. In other words, the cumulative cost of a breach beco...

Incident Response Trends in 2017

Incident Response ,
Industry
SOAR

by Walker Banerd - March 20, 2017

Analysts and security professionals agree that 2016 brought cyber security unprecedented levels of attention, with vivid examples of cyber attacks in the news, and a seemingly constant string of hacks, ransomware, and other malicious incidents. The ubiquity of cyber incidents has led to a major shif...

Stories From The Front Lines: The Silo Effect vs. The Single Source of Truth

Compliance ,
Data Breach
Forensics
Incident Response
Industry

by Alex MacLachlan - March 16, 2017

Preface: This is the last installment of our three-part blog series called “Stories from the Front Lines”. This installment is slightly different, in that it features three different archetypical characters from different departments. Each of the problems they face is different, but keep reading t...

How to Comply With 23 NYCRR 500

Compliance ,
Data Breach
Incident Response
Industry

by Walker Banerd - March 13, 2017

In February of 2017, the New York State Department of Financial Services (NY DFS) released the updated version of their Cybersecurity Requirements for Financial Services Companies (23 NYCRR 500). The new legislation, which takes effect on March 1, reflects a growing concern in the NY DFS regarding t...

How Root Cause Analysis Can Help Your Hospital Avoid HIPAA Fines

Compliance ,
Data Breach
Forensics
Incident Response
Industry

by Alex MacLachlan - March 10, 2017

The Health Insurance Portability and Accountability Act or HIPAA provides data privacy and security provisions for safeguarding medical information. HIPAA regulations are enforced by the Department of Health and Human Service’s Office for Civil Rights (OCR). This office carries out its mandate by in...

5 Incident Response Takeaways from the Yahoo Breach Fallout

Compliance ,
Data Breach
Incident Response
Industry

by Walker Banerd - March 10, 2017

The ongoing fallout from the 2014 data breach at Yahoo has personally cost CEO Marissa Mayer upwards of $14 million. On March 1, Mayer announced on her blog that she had agreed to forego her annual bonus and equity grant, due to the breach happening on her watch as CEO. The bonus is worth $2 [&helli...

Stories From The Front Lines: Digital Forensics Case Management Systems

Forensics ,
Incident Response

by Alex MacLachlan - March 7, 2017

Preface: This is the second installment of a 3-part blog series called “Stories from the Front Lines”. Each installment will feature a different security industry persona-archetype, inspired by real D3’s projects and interactions with customers. Each will illustrate a common problem, and discuss a...

Incident Response In the Energy Industry

Compliance ,
Incident Response

by Alex MacLachlan - March 6, 2017

In November 2015, Tripwire and Dimensional Research commissioned a study assessing the cybersecurity challenges faced by organizations in the energy sector. Respondents included over 150 IT professionals from the energy, oil & gas and utilities industries. In addition to this study, Tripwire sur...

Cyber Security for the Manufacturing Industry

Incident Response ,
Industry

by Walker Banerd - February 26, 2017

According to the 2016 Cyber Security Intelligence Index performed by IBM’s X Force Research, manufacturing has moved up in the ranks to become the third most hacked industry second only to health care and information and communications. Businesses of these types include those that produce text...

Stories From The Front Lines: Part One

Compliance ,
Forensics
Incident Response
Industry

by Alex MacLachlan - February 24, 2017

Preface: This is the first installment of a 3-part blog series called “Stories from the Front Lines”. Each installment will feature a different user story, inspired by real D3’s projects and interactions with customers. Each will illustrate a common problem, and explore an effective solution with ...

Are Your Emails Safe From Prying Eyes?

Data Breach ,
Incident Response

by Alex MacLachlan - February 16, 2017

The much-publicised Democratic National Committee (DNC) email hack that resulted in nearly 20,000 confidential email messages leaked to WikiLeaks takes place amid a highly politized post-election environment. The US government has been quick to point fingers and label the attack a state-sponsored cy...

The Top 5 Features of D3 Security’s Avigilon Control Center Integration

Physical Security

by Alex MacLachlan - February 6, 2017

The D3 team is proud to announce that the D3 ONE enterprise security platform has been successfully integrated with Avigilon’s Control Center video management system. It’s an exciting integration that saw Avigilon and D3 work together to produce functionality that is seamless, easy-to-us...

D3 Guard Tour: A Security Officer’s Best Friend

Physical Security

by Alex MacLachlan - February 2, 2017

Imagine You’re a Casino Security Manager One of your officers has spotted an agitated man near the high-limit table games. The officer approaches, knowing that in order to make the right decision, he must figure out. Is he banned from the property or involved in previous incidents? Is he self...

Webinar: Go Beyond Incident Response

Compliance ,
Incident Response

by Alex MacLachlan - January 16, 2017

February 8, 2017 @ 3:00PM- 4:00PM EST Enterprises face significant financial, reputational, intellectual property, and legal risks from data breaches, with all types of enterprises falling victim – from government agencies like Office of Personnel Management (OPM) and the Internal Revenue Service (...

RSA Conference 2017

Events

by Alex MacLachlan - December 15, 2016

Collectively RSA’s conferences draw over 45,000 attendees per year, making them the world’s largest provider of security events. However, the real value of RSA Conference lies not in the size, but in the valuable content that is provided and the commitment to finding new industry voices and ne...

Using IR Automation to Overcome the IT Skills Gap

Incident Response ,
SOAR

by Alex MacLachlan - October 27, 2016

“Cyber threats have evolved from targeting and harming computers, networks, and smartphones — to people, cars, railways, planes, power grids and anything with a heartbeat or an electronic pulse.” Steve Morgan, Hackerpocalypse: A Cybercrime Revelation Nearly half of all cyberattacks strike small and ...

7 Reasons why Enterprises Need a NIST-Compliant Cybersecurity IRP

Compliance ,
Incident Response
Industry

by Alex MacLachlan - October 27, 2016

As cyber attacks inflict increasing damage on organizations of all kinds across every sector of the economy, it has become critical for cybersecurity programs to evolve. Gone are the days of rudimentary intrusion detection systems and retroactive damage control following a security breach. To be tru...

Why Your IT Ticketing System Doesn’t Cut it for Incident Response

Incident Response

by Alex MacLachlan - October 18, 2016

In order to weather an attack in today’s ever-evolving cyber security climate, an organization must develop comprehensive cyber resilience. Cyber resilience involves the leveraging of detection, incident response (IR), and prevention methodologies that contribute to the overall flexibility and ultim...

The Value of Unifying SIEM Data with your Incident Response Platform

Incident Response ,
SOAR

by Alex MacLachlan - October 18, 2016

Today’s security information and event management systems (SIEM) operate with a more extensive knowledge base than their predecessors, and they are more useful in detecting and logging data than ever before—but they are never more powerful than when they are paired with a unified incident response (...

Design an IRP That Exceeds NIST Standards

Compliance ,
Incident Response

by Alex MacLachlan - October 14, 2016

Whether you have already developed an incident response plan (IRP) or you’re just getting started, you can benefit from the best-practices and approaches outlined in the National Institute of Standards and Technology (NIST) Computer Security Incident Handling Guide. NIST has developed a comprehensiv...

Five Traits of Highly Effective CERT Teams

Incident Response

by Alex MacLachlan - October 14, 2016

Managing cyber security risks and threats effectively is about more than just having the right systems, plans, and protocols in place. It’s also about the people behind the operation who must manage these systems and make split-second decisions that could determine how quickly an incident can be con...

Improve your Incident Response Plan Through Automation

Incident Response ,
SOAR

by Alex MacLachlan - October 14, 2016

Cybersecurity is a tough, dynamic line of work. On any given day, you could be dealing with a phishing attack, insider breach, and previously unseen technology being used to launch an attack against your company. As cyberattacks become increasingly sophisticated, you must be prepared to invest time ...

Splunk> .conf 2016

Events

by Alex MacLachlan - October 14, 2016

A whole new world of opportunity exists in your data. Whether you want to improve IT performance, gain real-time business insights, understand user behavior, or reach new levels of security in your organization, .conf2016 has everything you need to help you achieve your goals. Join us in Orlando to ...

HPE Protect 2016

Events

by Alex MacLachlan - October 14, 2016

Join D3 Cyber and over 2,000 security professionals to learn how to best focus on your business-critical digital assets and the interactions between them, to implement a more proactive and effective pan-enterprise approach to security and risk management that balances regulatory requirements, threat...

Why you Need an Up-to-Date IRP

Incident Response

by Alex MacLachlan - October 14, 2016

A cybersecurity incident response plan (IRP) is your organization’s best protection against the pervasive threat of a breach or attack. An IRP provides a roadmap for how your organization can secure and monitor its assets, engage in proactive planning and threat mitigation, and response during and a...

How IT Forensics Can Help Your IR Team

Forensics

by Alex MacLachlan - October 13, 2016

The field of IT forensics is built on performing highly structured, specialized investigations to find out exactly what happened during a cybersecurity incident and what was the root cause. Forensic investigators typically work alongside with cybersecurity incident response teams to get to the botto...

Tips to Help You Effectively Manage Your IR Team

Incident Response

by Alex MacLachlan - October 13, 2016

A cybersecurity incident response team is the first and most important line of defense in preventing breaches and mitigating damage. Cybersecurity team members are highly trained professionals who thrive in a dynamic, ever-changing environment. One day, they’re making split-second decisions to prote...

Standardizing Your Incident Response

Incident Response ,
SOAR

by Alex MacLachlan - October 11, 2016

A cyber threat infiltrates your organization and a breach occurs. You and your team go into reactive fire-fighting mode. You isolate the threat and put it down. Crisis averted right? Well what if the attack was an APT (Advanced Persistent Threat)? Just because you pulled the thread and took care of ...

Protecting Your Critical Infrastructure

Compliance ,
Incident Response
Industry
Physical Security

by Alex MacLachlan - October 11, 2016

The Patriot Act was passed in 2001 in response to terrorist attacks on American soil. However, we don’t usually think about how it helped define cybersecurity and how it continues to inform the framework for defining critical infrastructures and how we protect them in the US. With a growing number o...

Critical Controls in Action

Compliance ,
Incident Response

by Alex MacLachlan - October 11, 2016

The story of the tortoise and the hare is relevant in building any cybersecurity program. When faced with the challenges that doing business online in our highly connected world presents, it may quickly seem like an arms race when it comes to cybersecurity. A race where every day there is a new way ...

Dealing with an Insider Threat

Compliance ,
Data Breach
Forensics
Incident Response

by Alex MacLachlan - October 11, 2016

Bob just killed the company, or did he? For many of us we spend more time with our co-workers then we do with our immediate families. Because of all this we don’t want to think that inside the pursuit of common goals, comradery, extended family and our team that there could be a bad egg […]...

Mall Security: Industry- Approved Tour & Incident Management System

Physical Security

by Alex MacLachlan - August 1, 2016

D3 is widely used by shopping centers, retail malls and property management companies. Our strong client relationships in this sector have allowed D3 to enlist mall security teams to help us develop, and test, a purpose-built D3 feature set for this industry. The result is D3 ONE a fully integrated ...

Incident Response Software: 5 Things to Know

Incident Response

by Alex MacLachlan - January 16, 2016

It doesn’t take a security professional to know that even the most infinitesimal incident can trigger much greater consequences. Because whether security, safety or compliance; even the smallest incidents can bring large and complex companies to their reckoning – by themselves or by contributing to ...

Hospital Cyber Security: Risk Reduction in 5 Easy Steps

Compliance ,
Data Breach
Incident Response
Industry

by Alex MacLachlan - December 18, 2015

Securing private health information and responding to security breaches have presented incredible challenges to hospitals whose healthcare records yield 10 to 20 times more value on the black market than credit card information. Moreover, the proliferation of BYOD, social media and phishing scams, m...

Incident Management Software Drive Cost Reductions at Utilities

Compliance ,
Incident Response
Industry

by Alex MacLachlan - June 8, 2015

With the unique ability to categorize different energy diversion types and perform theft analytics, D3 Security’s Incident Reporting and Case Management products give utilities and their security teams an incisive view at the root cause of energy diversion losses. Theft Analytics Drive Energy ...

5 Benefits of Incident Response Software for Utility Companies

Physical Security

by Alex MacLachlan - May 11, 2015

At D3 we help power and water authorities, utility regulators and mega-size utility corporations achieve new levels of security, investigation and employee safety. Most of the work is directed by our Energy & Utility Practice Group, an internal team dedicated to ensuring the success of D3’s util...

Clery Act Incident Reporting Software and Compliance

Physical Security

by Alex MacLachlan - April 4, 2015

Compliance with the Clery Act has posed many challenges for higher education institutions, which is why D3’s Clery Act Reporting and Compliance experience is an asset to all higher education organizations. This vital requirement is often performed incorrectly, with deficiencies only being reve...

Incident Response Software and Guard Tour for Hospitals

Physical Security

by Alex MacLachlan - February 2, 2015

Many leading healthcare organizations around the world have integrated D3’s security management suite. The result has been higher quality, enhanced efficiency and applications that integrate seamlessly with existing policies and procedures. When it comes to security, healthcare organizations a...

D3 Forensics Case Management System: CEIC’s Top 5 Features

Forensics

by Alex MacLachlan - January 31, 2015

D3 Security’s Forensics Case Management system garnered a lot of attention from CISOs, corporate investigators and eDiscovery specialists at the world’s largest data security and digital investigations conference, CEIC. They were impressed with how the workflows, automation features and logic built ...

RFID Guard Tour System Now Available

Physical Security

by Alex MacLachlan - November 4, 2014

Equipped with D3 Mobile, security officers can scan RFID badges at checkpoints, in turn tracking their tours, capturing high-quality security data and providing accurate performance and accountability measures to managers. Like barcode scanning, which is also available for the Guard Tour system, RFI...

The Top 3 Security Management Trends at ASIS 2014

Events ,
Physical Security

by Alex MacLachlan - October 7, 2014

Held at the sprawling Georgia World Congress Center in Atlanta, this year’s ASIS International Seminar & Exhibits was a big one for D3: from a 600 sq ft booth we churned out demo after demo of the D3 ONE Enterprise Security Platform—and its fully integrated Incident Reporting, Case Management, I...

Clery Act Compliance: Accountability for Colleges and Universities

Compliance ,
Physical Security

by Alex MacLachlan - October 6, 2014

The Clery Act was introduced in 1990 to enforce the disclosure of campus security policy and crime data of all universities and colleges in the U.S. after a serious incident occurred resulting in the death of 19-year-old Jeanne Clery. The U.S. Department of Education laid out four main requirements:...

D3 Users’ Conference 2014: Looking Back & Moving Forward

Events

by Alex MacLachlan - May 29, 2014

Only a few months ago, we announced our first annual D3 Users’ Conference—and on an action-packed May 20, 2014 in Chicago, D3 customers representing virtually every major industry mixed and mingled, shared best practices, and took part in product introductions, educational workshops and an outstandi...

D3 Security’s Lenel Integration

Physical Security

by Alex MacLachlan - February 17, 2014

D3 Security is proud to announce the integration of the D3 ONE Enterprise Security Platform with Lenel’s OnGuard access control system and D3 Security’s inclusion in the OpenAccess Alliance Partnership. The integration represents a significant opportunity for Lenel and D3 Security customers to...