Albert Einstein said, “We cannot solve our problems with the same thinking we used when we created them. “
In the security orchestration, detection and response arena, for the past twenty or so years, vendors have been doing essentially more of the same, while...
I just had an article published in Solutions Review covering the Twitter breach in which I addressed some of the vulnerabilities that may have been exploited in this attack, and what we can do to not fall victim to similar attacks. Twitter shared that: “We detected what we...
I recently published an article in Infosecurity Magazine about the dangers of putting our trust in Virtual Private Networks (VPN). Though VPNs have been with us for two decades, now that many more people are working from home, organizations are depending on them more and more.
I recently wrote an article, published in Solutions Review, on the benefits of approaching security orchestration and management through the lens of entities, rather than events. My argument in the article, as well as in a webinar on this topic, was that, like effective...
Security teams at large, distributed organizations face unique challenges, with analysts often working in the dark, lacking essential information about the organization. Automation technology can help bridge the gap caused by these more complex networks.
...
COVID-19 is wreaking havoc with our lives and our businesses, but hackers aren’t resting. If anything, we’ve seen the level of cyber attacks increase and specifically target new vulnerabilities. Those entrusted with protecting organizations don’t have the luxury to panic, but...
Every year the SIEM industry holds its breath for Gartner’s SIEM Magic Quadrant report. And for good reason. Gartner coined the term SIEM in 2005 and is still an authority on the SIEM industry. The 2020 report holds some words of wisdom vendors should heed. Here are my three...
Iran cyber attacking the US is no longer a threat - it's our reality. How we can better prepare ourselves and make sure our SIEM is equipped to deal with this very serious threat?
Your Elastic stack is up and running, and you’re using Logstash for SIEM purposes. But you’re overwhelmed to discover that while every new system produces heaps and heaps of logs, each vendor uses their own data format, and employs a different set of values for describing...
SIEM has come a long way since it first came on the scene, about twenty years ago.
It began as a log management tool focused on simple collection and storage to meet compliance, and these use cases are still very relevant as 2020 draws nearer.
Initially,...