Collaborate Disseminate
The cybersecurity industry loves acronyms and XDR is rising swiftly to the top of the charts of the current lexicon. Extended detection and response (XDR) is a designation used when you do not have the ability to cover a wide range of threat vectors. S… Continue reading XDR and MDR: What’s the difference and why does it matter?
One thing I did not expect to see in 2021 is a lot of people complaining about how difficult their SIEM is to operate.
Let’s explore this topic for the (n+1)-th time. And let me tell you … that “n” is pretty damn large since my first involvement with S… Continue reading Today, You Really Want a SaaS SIEM!
By Vijit Nair, Sr. Director, Product Management, Corelight Comprehensive visibility is challenging in a cloud environment. While these environments are rich sources of telemetry and logs, it is challenging for security teams to ensure that logging is c… Continue reading Extending NDR visibility in AWS IaaS
On the surface, an “incremental stacking” approach to correlative analysis platforms like SIEM, XDR and UEBA is logical. Organizations can overcome some of the inherent limitations present in their security solutions by adding a network traffic analysi… Continue reading Incremental Stacking of Correlative Analysis Platforms Will Ultimately Prove Ineffective and Costly
A modern SOC should not be entirely dependent on human operators and their personal experience. The issue has been a foundational problem with not only the methodologies used by SOCs for the past 15 to 20 years, but it should be questioned whether the … Continue reading A Modern SOC Should Not Be Entirely Dependent On Human Operators and Their Personal Experience
In a cyber world filled with SIEMs, security appliances and anti-malware products, one would think that the specter of cybersecurity would be well under control. However, attacks are still on the rise, zero-day vulnerabilities are increasing and cyber… Continue reading Network Monitoring: The Forgotten Cybersecurity Tool
Last week Hunters hosted an exciting webinar featuring Omer Singer, Head of Cyber Security Strategy at Snowflake. While we had an engaging discussion on the evolution of security operations, security as a data game, and detection and response workflows… Continue reading Goodbye Event Management, Hello Extended Detection and Response
Uno de los cambios duraderos que trajo consigo la pandemia del COVID-19 es que obligó a las organizaciones a replantearse el concepto de espacio de trabajo. Ya que el trabajo remoto se volvió inevitable, los equipos de TI tuvieron …
The post Proteger … Continue reading Proteger un espacio de trabajo distribuido: Una lista de control de ciberseguridad para el trabajo remoto a largo plazo
APRA’s CPS 234 regulation section 56 states:
An APRA-regulated entity would typically deploy appropriate
information security technology solutions which maintain the security
of information assets. Examples include firewalls, network acce… Continue reading Can security devices (e.g. Snort, Splunk, WAFs, etc.) generate alerts when they aren’t working as designed?
Within the first 24 hours after deployment, MixMode had enabled the government entity to regain control over the security environment and network data infrastructure. No longer limited to log data analysis, they were able to identify and address real-t… Continue reading Maximize ROI with Greater Efficacy Using Unsupervised AI