Security Events Everywhere and None Worth Investigating
If you’re in security, you probably have some tool somewhere showing a lot of events. Verizon Data Breach Investigation Reports consistently show...
Security information and event management (SIEM) is about collecting, detecting, and responding. That is, collecting data into a single pane of glass...
Threats start with risks. Understanding risks is really just situational awareness. And that awareness leads to faster and better detection. The...
This time of year, people often ask me about highlights from the past year and what to expect in the new year. As I reflect back on major threats and...
"UEBA, it’s just a use case." – Netenrich CISO Chris Morales
He’s not wrong. But I’d take it a step further. User and entity behavior analytics (...
One vendor uses 5 patterns, the other uses 500 rules. What’s better?
Anyone who has configured a SIEM or UEBA (e.g., QRadar, Splunk, ArcSight,...