Collaborate Disseminate
I study computer security and I read articles about the potential usage of sequential pattern mining in IDPS products:
Database intrusion detection using role and user behavior based risk assessment
Building intrusion pattern miner for Sn… Continue reading Are sequential patterns used in practice?
The following is an excerpt from our recent whitepaper, “Why Traditional Cybersecurity Tools Cannot Defend Against Zero-Day and No Signature Attacks,” in which we dive into how traditional cybersecurity tools work, why this fundamentally limits them fr… Continue reading The Aggregation Model is Falling Short
By Lana Knop, Chief Product Officer, Corelight Through our newly announced partnership with CrowdStrike, Corelight customers will be able to incorporate CrowdStrike’s best-in-class threat intelligence into Corelight Sensors to generate actionable alert… Continue reading CrowdStrike + Corelight partner to reach new heights
When all vendors in a new product category use the same use case to explain their value, I become concerned. About 15 years ago, when bombs were a constant threat in many parts of the world, I heard multiple vendors of intelligent video surveillance e… Continue reading Are TIPs Finally Converging With SIEMs?
I am looking for security examples where the order of log records, events, etc. is the key to find an anomaly, incident, etc. I’d like to prove that using sequential pattern matching (e.g. regex) is good for anomaly detection and sequentia… Continue reading Security use cases where the order matters
In the imperfect, real world, where SOC teams actually live, the SIEM log-based approach is fundamentally flawed. In fact, it tends to add more challenge to the workday for SOC teams, not less.
The post Log Data is Not Effective as a Foundation for Pre… Continue reading Log Data is Not Effective as a Foundation for Prevention, Detection, Remediation or Analytics
How many times have you hoped that a magic genie would somehow appear and grant three wishes? If the wishes were for your SIEM or security operations team, what would that be (and what kind of security certifications would you require of your genie)? … Continue reading Three Wishes to Revitalize SIEM and Your SOC
How many times have you hoped that a magic genie would somehow appear and grant three wishes? If the wishes were for your SIEM or security operations team, what would that be (and what kind of security certifications would you require of your genie)? … Continue reading Three Wishes to Revitalize SIEM and Your SOC
In our newest whitepaper, “Why Traditional Cybersecurity Tools Cannot Defend Against Zero-Day and No Signature Attacks,” we dive into how traditional cybersecurity tools work, why this fundamentally limits them from being able to detect zero-day or pre… Continue reading Why Traditional Cybersecurity Tools Cannot Defend Against Zero-Day and No Signature Attacks
One of the network security systems is sending solution usernames with uppercase to SIEM. All other systems are using lowercase when sending the username in logs.
Tried to search valid regex patterns – nothing was found.
If we talk about c… Continue reading Need to make changes in logs received by SIEM [closed]