Collaborate Disseminate
In our newest whitepaper, “Why Traditional Cybersecurity Tools Cannot Defend Against Zero-Day and No Signature Attacks,” we dive into how traditional cybersecurity tools work, why this fundamentally limits them from being able to detect zero-day or pre… Continue reading Why Traditional Cybersecurity Tools Cannot Defend Against Zero-Day and No Signature Attacks
One of the network security systems is sending solution usernames with uppercase to SIEM. All other systems are using lowercase when sending the username in logs.
Tried to search valid regex patterns – nothing was found.
If we talk about c… Continue reading Need to make changes in logs received by SIEM [closed]
The cybersecurity industry loves acronyms and XDR is rising swiftly to the top of the charts of the current lexicon. Extended detection and response (XDR) is a designation used when you do not have the ability to cover a wide range of threat vectors. S… Continue reading XDR and MDR: What’s the difference and why does it matter?
One thing I did not expect to see in 2021 is a lot of people complaining about how difficult their SIEM is to operate.
Let’s explore this topic for the (n+1)-th time. And let me tell you … that “n” is pretty damn large since my first involvement with S… Continue reading Today, You Really Want a SaaS SIEM!
By Vijit Nair, Sr. Director, Product Management, Corelight Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams to ensure that logging is c… Continue reading Extending NDR visibility in AWS IaaS
On the surface, an “incremental stacking” approach to correlative analysis platforms like SIEM, XDR and UEBA is logical. Organizations can overcome some of the inherent limitations present in their security solutions by adding a network traffic analysi… Continue reading Incremental Stacking of Correlative Analysis Platforms Will Ultimately Prove Ineffective and Costly
A modern SOC should not be entirely dependent on human operators and their personal experience. The issue has been a foundational problem with not only the methodologies used by SOCs for the past 15 to 20 years, but it should be questioned whether the … Continue reading A Modern SOC Should Not Be Entirely Dependent On Human Operators and Their Personal Experience
In a cyber world filled with SIEMs, security appliances and anti-malware products, one would think that the specter of cybersecurity would be well under control. However, attacks are still on the rise, zero-day vulnerabilities are increasing and cyber… Continue reading Network Monitoring: The Forgotten Cybersecurity Tool
Last week Hunters hosted an exciting webinar featuring Omer Singer, Head of Cyber Security Strategy at Snowflake. While we had an engaging discussion on the evolution of security operations, security as a data game, and detection and response workflows… Continue reading Goodbye Event Management, Hello Extended Detection and Response
Uno de los cambios duraderos que trajo consigo la pandemia del COVID-19 es que obligó a las organizaciones a replantearse el concepto de espacio de trabajo. Ya que el trabajo remoto se volvió inevitable, los equipos de TI tuvieron …
The post Proteger … Continue reading Proteger un espacio de trabajo distribuido: Una lista de control de ciberseguridad para el trabajo remoto a largo plazo