Netsurion Extends SIEM Service Reach to Remote Users

Netsurion has extended the reach of its security information and event management (SIEM) service to include remote offices and employees working from home. Company president A.N. Ananth said Remote Workforce Threat Detection is being added to its EventTracke…

New Video: How is MixMode Different From Today’s Network Security Tools?

With MixMode in the center of a program, we will make all the other security investments that you’ve made, better. So when you send data to your SIEM, when you send data to your SOAR, you don’t want those products to be overwhelmed with fal…

Chocolate and Peanut Butter, Zeek and Suricata

By Brian Dye, Chief Product Officer, Corelight. Some things just go well together. A privilege of working with very sophisticated defenders in the open source community is seeing the design patterns they use to secure their organizations – bo…

4 Challenges of Stand-Alone SIEM Platforms

While SIEM is undoubtedly a step up from unmonitored network environments, the inherent nature of today’s SIEM software often falls short in several important ways. SIEM is an outdated solution for adequately protecting networks within the modern…

In Splunk Enterprise Security Intelligence Downloads portion, what exactly does the "Fields" portion mean?

Trying to configure a download of MISP IoCs in Splunk ES, under Intelligence Downloads. It’s working for IPs but I can’t figure out how to tell Splunk that the feed contains more than just IPs, for example domains and hashes. From the docu…

How the Role of the Modern Security Analyst is Changing

As organizations began to rely more heavily on networking to carry out their operations over the past decade, IT teams added security analyst positions. These professionals focused on network security and providing regulatory compliance oversight. …

Integrating a SIEM solution in a large enterprise with disparate global centers

Security Information and Event Management (SIEM) systems combine two critical infosec abilities – information management and event management – to identify outliers and respond with appropriate measures. While information management deals with the coll…

Fake Cloud: Now There Are Two Hands in Your Pocket

More than a decade ago, I was working for a SaaS security company that shall remain nameless in this post, but can be easily figured out from my LinkedIn profile. Its CEO had a pithy saying that stayed with me ever since: to paraphrase, “no succe…