Featured Use Case: Why a Large Government Entity Replaced Their SIEM with MixMode

Despite a three-year SIEM deployment and a two-year UBA deployment, government personnel needed an alternative to better detect and manage threats in real time, as well as an improved platform for gathering comprehensive data.

Why Network Data Should be the Foundation of Your Security Strategy

The post Why Network Data Should be the Foundation of Your Security Strategy appeared first on Security Weekly.

How Vendors Capitalize on SIEM’s Fundamental Flaws

Because the fundamental nature of SIEM requires infinite amounts of data, security teams are forced to constantly wrangle their network data and are faced with an unmanageable number of false positive alerts. This means they have to devise efficient ways t…

Sysmon Endpoint Monitoring: Do You Really Need an EDR?

The post Sysmon Endpoint Monitoring: Do You Really Need an EDR? appeared first on Security Weekly.

A Return to Logs to Unjam the Security Deficit

Some years ago, during the renaissance of security information and event management (SIEM), security became log crazy. The hope was that by gathering logs from networking and security devices and running them through the SIEM, security events could be…

The Case Against Using a Frankenstein Cybersecurity Platform

The cybersecurity market has, simply put, been cobbled together. A tangled web of non-integrated systems and alerts from siloed systems. Enterprises are now being forced to utilize a “Frankenstein” of stitched together tools to create a platform that m…

What Security Data Do I Really Need to Collect and Analyze?

The post What Security Data Do I Really Need to Collect and Analyze? appeared first on Security Weekly.

Improving on the Typical SIEM Model

Despite its inherent flaws, today’s SIEM software solutions still shine when it comes to searching and investigating log data. One effective, comprehensive approach to network security pairs the best parts of SIEM with modern, AI-driven predictive anal…

Five worthy reads: Preparing an incident response plan for the pandemic and beyond

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. With the rising concern over cyberattacks in the distributed workforce, this week we explore the concept of cybersecurity in…