The huge challenge presented by today’s attack campaigns – multi-stage attacks, with thousands of constantly evolving attack vectors – have led organizations to buy large number of of security products, and to rely on more IT data sources, in order to defend their networks.
COVID-19 is wreaking havoc with our lives and our businesses, but hackers aren’t resting. If anything, we’ve seen the level of cyber attacks increase and specifically target new vulnerabilities. Those entrusted with protecting organizations don’t have the luxury to panic, but...
Happy International Women's Day! empow's R&D team is today 60% women. How did we do it and what does it mean for the company culture?
Every year the SIEM industry holds its breath for Gartner’s SIEM Magic Quadrant report. And for good reason. Gartner coined the term SIEM in 2005 and is still an authority on the SIEM industry. The 2020 report holds some words of wisdom vendors should heed. Here are my three...
When open source parsers utilize the MITRE ATT&CK Framework, security analysts can use their time much more effectively - investigating the nature of threats instead of sifting through endless logs.
Iran cyber attacking the US is no longer a threat - it's our reality. How we can better prepare ourselves and make sure our SIEM is equipped to deal with this very serious threat?
Your Elastic stack is up and running, and you’re using Logstash for SIEM purposes. But you’re overwhelmed to discover that while every new system produces heaps and heaps of logs, each vendor uses their own data format, and employs a different set of values for describing...
SIEM has come a long way since it first came on the scene, about twenty years ago.
It began as a log management tool focused on simple collection and storage to meet compliance, and these use cases are still very relevant as 2020 draws nearer.
Initially,...
The SIEM market has evolved and today most solutions call themselves “Next Generation SIEM.” Effective NG SIEM should provide better protection and equally important, if not more, a much more effective, next gen user experience. What you should look for when evaluating a next...
Elastic’s Logstash multi-pipeline feature, introduced in Version 6.7, is a cool feature, that enables us to easily and flexibly write, maintain, and manage our SIEM parsers. Nevertheless, the fact that it requires manual configuration may lead to serious misconfiguration...