Log analysis - SIEM SIEM, but different

Your Elastic stack is up and running, and you’re using Logstash for SIEM purposes. But you’re overwhelmed to discover that while every new system produces heaps and heaps of logs, each vendor uses their own data format, and employs a different set of values for describing...

Dec 25, 2019

Next Generation SIEM - 6 Things to Look For

The SIEM market has evolved, and today most solutions call themselves “Next Generation SIEM.” An effective NG SIEM should provide better protection and, equally important if not more so, a much more effective next-gen user experience. What you should look for when evaluating a next...

Nov 17, 2019

Preventing Misconfiguration in Logstash with empow’s Pipeline Viewer

Elastic’s Logstash multi-pipeline feature, introduced in Version 6.7, is a cool feature that enables us to easily and flexibly write, maintain, and manage our SIEM parsers. Nevertheless, the fact that it requires manual configuration may lead to serious misconfiguration...

Oct 01, 2019