SIEM 101 – Best Practices for Implementation
Security information and event management (SIEM) is about collecting, detecting, and responding. That is, collecting data into a single pane of glass...
One vendor uses 5 patterns, the other uses 500 rules. What’s better?
Anyone who has configured a SIEM or UEBA (e.g., QRadar, Splunk, ArcSight,...
MITRE strategy 10 says measure performance to improve performance. It’s important to set a baseline of where resources spend their time and energy —...
As MITRE points out in strategy 9 of its 11 Strategies of a World-class Cybersecurity Operations Center, cross-functional communication is key to a...
Previous strategies in MITRE’s 11 Strategies of a World-class Cybersecurity Operations Center stressed the importance of collecting the right data —...
Strategy 6 of MITRE’s 11 Strategies of a World-class Cybersecurity Operations Center focuses on cyber threat intelligence (CTI) data. Strategy 7, on...