Security teams at large, distributed organizations face unique challenges, with analysts often working in the dark, lacking essential information about the organization. Automation technology can help bridge the gap caused by these more complex networks.
...
COVID-19 is wreaking havoc with our lives and our businesses, but hackers aren’t resting. If anything, we’ve seen the level of cyber attacks increase and specifically target new vulnerabilities. Those entrusted with protecting organizations don’t have the luxury to panic, but...
Every year the SIEM industry holds its breath for Gartner’s SIEM Magic Quadrant report. And for good reason. Gartner coined the term SIEM in 2005 and is still an authority on the SIEM industry. The 2020 report holds some words of wisdom vendors should heed. Here are my three...
Iran cyber attacking the US is no longer a threat - it's our reality. How we can better prepare ourselves and make sure our SIEM is equipped to deal with this very serious threat?
Your Elastic stack is up and running, and you’re using Logstash for SIEM purposes. But you’re overwhelmed to discover that while every new system produces heaps and heaps of logs, each vendor uses their own data format, and employs a different set of values for describing...
Since its first days, cyber security developed in a patchwork fashion. A security need came up, a product was developed to address it. After many years of this, the whole contraption reflects the ad-hoc way in which it was formed, like a kid’s tower of blocks about to...
Today is the last day of Infosecurity Europe 2019 and, besides looking forward to recuperating with a nice weekend in London, I’m reflecting on what I heard at dozens of meetings and talks with people at Infosec, and what the trends are in SIEM.
The much talked about cyber security skills shortage is getting worse. While SIEM was supposed to help lower the workload of security teams, this hasn’t actually been the case. An overview of what to look for - and what to look out for - when considering SIEM.
Since the birth of SIEM, there have been major shifts in the threat and security operations landscape which render the technologies of yesteryear – and even so called “NG-SIEM” solutions - obsolete. What has changed, and what needs to change to make SIEM effective?
