Blog Posts Tagged with "SIEM"

Ffc4103a877b409fd8d6da8f854f617e

Transforming SIEM - Gain Actionable Intelligence for Securing Information Assets (Webcast)

July 23, 2013 Added by:InfosecIsland News

In this webcast, our guest, John Kindervag, Principal Analyst, Security and Risk Management at Forrester Research, will describe a data security and control framework for collecting and analyzing new types of IT data to transform SIEM into a security and IT analytics tool.

Comments  (0)

1de705dde1cf97450678321cd77853d9

The Search for Infosec Minds

November 01, 2012 Added by:Ian Tibble

Since the early 2000s, I have commented in different forms on the state of play, with a large degree of cynicism, which was greeted with cold reservation, smirks, grunts, and various other types of un-voiced displeasure, up to around 2009 or so. But since at least 2010, how things have changed...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Real World Information Security

September 05, 2012 Added by:Tripwire Inc

Alex uncovered a poorly designed web page and convinced it to give up its secrets. What followed was a quick RDP war trying to plant our backdoor. I found myself with root level access having blasted away at it using Metasploit and uncovered several Easter eggs instructors had planted...

Comments  (0)

924ce315203c17e05d9e04b59648a942

Is Packet Capture Critical? Heck Yes...

September 04, 2012 Added by:Richard Stiennon

Beaconing detection is a feature in the fastest growing security solutions in the market. I am tracking most of these vendors at 100% annual growth rates, a sure sign of a trend. Intelligent packet capture is a must-have technology in every cyber defense armament...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Detecting Unknown Application Vulnerabilities "In Flight"

July 10, 2012 Added by:Rafal Los

While you certainly can use velocity and frequency to detect attacks against a web application, high frequency doesn't always mean an attack or that a vulnerability is present. But, it is a fallacy to assume that a component needs to have a high frequency or velocity to signal targeting by an attacker....

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Logging: Opening Pandora's Box - Part 3 - Paralysis

May 17, 2012 Added by:Rafal Los

Paralysis can come from over-dependence on analysis. You've heard the term "analysis paralysis" where someone spends so much time trying to make the perfect decision while factors change that ultimately no decision is made before the deadline passes or some event happens...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Logging: Opening Pandora's Box - Part 2 - Elation

May 10, 2012 Added by:Rafal Los

Once you get over the anxiety of logging, a wave of elation generally hits. Whether you're getting excited about being able to catch evil-doers in the act, or the capability to notice system failures before they happen logging can save your skin more than you'd think...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Logging: Opening Pandora's Box - Part 1 - Anxiety

May 09, 2012 Added by:Rafal Los

You're probably worried that log analysis is going to consume all of your time, or you'll find out that your organization has been pwn3d for years and all your data has been exfiltrated in real-time and your latest database is being copied off to China... aren't you?

Comments  (0)

8a958994958cdf24f0dc051edfe29462

Smart Grid Security, Challenges and Change

May 08, 2012 Added by:Larry Karisny

The cost and time of trying to become compliant with guidelines and standards will put smart-grid security years off before it can achieve any security solutions. There must be a way out of what people in the security business are now calling the "smart grid security circus"...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Planning for a Cyber Incident?

May 08, 2012 Added by:Infosec Island Admin

Organizations without an existing incident response capability should consider establishing one. To aid control systems owners and operators, the CSSP has prepared a Recommended Practice: Developing an Industrial Control Systems Cybersecurity Incident Response Capability...

Comments  (0)

94c7ac665bbf77879483b04272744424

Outsourcing SIEM and Log Analysis

April 29, 2012 Added by:Marc Quibell

What are the risks of MSSPs managing the detection and analysis of network activity data for your company? There are some events that, if detected early, may avert lawsuits, data breaches and other embarrassing or career-ending moments for a company...

Comments  (4)

B8db824b8b275afb1f4160f03cd3f733

Wait, What? Someone Has to Look at Those Logs?

April 26, 2012 Added by:Jack Daniel

Monitoring the performance of your MSSP is cheap insurance- the last thing you want to face is a failure of your service and the need to rebuild an in-house program. You thought getting all that data pushed out to the MSSP was a pain- just imagine trying to get it back...

Comments  (1)

1de705dde1cf97450678321cd77853d9

A Tribute to Our Oldest and Dearest Friend - The Firewall

April 22, 2012 Added by:Ian Tibble

We have a lot of bleeding edge software and hardware products in security backed by fierce marketing engines which set unrealistic expectations. Out of all these products, the oldest carries the highest bang for our bucks - the firewall...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Protecting Your Enterprise by Breaking It

April 20, 2012 Added by:Rafal Los

In a nutshell, if you (in information security) haven't broken things in your organization's networks, you're likely terribly unprepared for when things to wrong and thus are doing it wrong. Now, before you come all unhinged, read the rest of this post...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Webinar: Reducing Visibility Costs with Unified Security Management

April 17, 2012 Added by:Infosec Island Admin

Webinar: Thursday, April 19, 2012 12:00 PM - 1:00 PM EST - Beyond improving your basic defenses, understand how unifying security management can maintain compliance and provide visibility into your infrastructure at a lower cost than traditional approaches...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Reducing the Cost of Visibility with Unified Security Management

April 09, 2012 Added by:Infosec Island Admin

Webinar: Thursday, April 19, 2012 12:00 PM - 1:00 PM EST - Beyond improving your basic defenses, understand how unifying security management can maintain compliance and provide visibility into your infrastructure at a lower cost than traditional approaches...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »