Security Events Everywhere and None Worth Investigating
If you’re in security, you probably have some tool somewhere showing a lot of events. Verizon Data Breach Investigation Reports consistently show...
Security information and event management (SIEM) and security orchestration, automation, and response (SOAR) are complementary solutions.
Security information and event management (SIEM) is about collecting, detecting, and responding. That is, collecting data into a single pane of glass...
One vendor uses 5 patterns, the other uses 500 rules. What’s better?
Anyone who has configured a SIEM or UEBA (e.g., QRadar, Splunk, ArcSight,...
Previous strategies in MITRE’s 11 Strategies of a World-class Cybersecurity Operations Center stressed the importance of collecting the right data —...