Elastic’s Logstash multi-pipeline feature, introduced in Version 6.7, is a cool feature, that enables us to easily and flexibly write, maintain, and manage our SIEM parsers. Nevertheless, the fact that it requires manual configuration may lead to serious misconfiguration...
Since its first days, cyber security developed in a patchwork fashion. A security need came up, a product was developed to address it. After many years of this, the whole contraption reflects the ad-hoc way in which it was formed, like a kid’s tower of blocks about to...
Today is the last day of Infosecurity Europe 2019 and, besides looking forward to recuperating with a nice weekend in London, I’m reflecting on what I heard at dozens of meetings and talks with people at Infosec, and what the trends are in SIEM.
The much talked about cyber security skills shortage is getting worse. While SIEM was supposed to help lower the workload of security teams, this hasn’t actually been the case. An overview of what to look for - and what to look out for - when considering SIEM.
Since the birth of SIEM, there have been major shifts in the threat and security operations landscape which render the technologies of yesteryear – and even so called “NG-SIEM” solutions - obsolete. What has changed, and what needs to change to make SIEM effective?
Big data is not only getting big, it’s also getting very expensive. Most SIEM vendors charge customers by the volume of data they handle. This means not only that companies usually end up spending more on protecting their networks than they originally planned, but also that...
"Intent." Is there anything more essential to business decision-making and processes?
