SIEM

Must-Have Features of a Modern SIEM

Oct 23, 2020 By Raj Pagariya In Logsign

Initially, Security Information and Event Management (SIEM) solutions were readily adopted because of their capability to provide actionable insights into the deep corners of an organization’s network. Legacy SIEM systems helped in understanding when and where security incidents are happening in real-time. Soon enough, these SIEM systems faced an avalanche of false positives, and they required a dedicated team to filter out irrelevant alerts.

Logsign

Read more about Must-Have Features of a Modern SIEM

EventSentry v4.2 New Features: Management Console Walk-Through

Oct 22, 2020 By NETIKUS.NET LTD In EventSentry

Explains the new features in v4.2 in the management console.

EventSentry

Read more about EventSentry v4.2 New Features: Management Console Walk-Through

Investigate Stormshield & SonicWall Events with Logz.io Cloud SIEM

Oct 21, 2020 By Charlie Klein In logz.io

Stormshield and SonicWall are popular firewalls used to monitor network traffic for malicious actors. Firewalls can help detect all kinds of attacks, like brute force logins, DDoS, and SQL Injection, but they just make up a piece of the security puzzle. Most teams will have many other security tools that address different kinds of vulnerabilities and attacks.

logz.io

Read more about Investigate Stormshield & SonicWall Events with Logz.io Cloud SIEM

Secure Your Endpoints with Trend Micro & Logz.io

Oct 19, 2020 By Gedalyah Reback In logz.io

Trend Micro Cloud One is a strong enterprise data security solution for data centers and cloud environments. Trend Micro’s advantages, like most other security tools, lie in its pairing with other security resources. That’s where Logz.io comes in. It brings together disparate data that Trend Micro tracks to create fully summarized dashboards and extremely detailed ones with specific focuses.

logz.io

Read more about Secure Your Endpoints with Trend Micro & Logz.io

Cybersecurity Experts Discuss: SIEM Enrichment

Oct 16, 2020 By Steve Harrington In Cygilant

Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint discuss why SIEM enrichment is essential to cybersecurity and how it improves your SOC. A mountain of data doesn’t do businesses any good unless it is put to good use. This is why data enrichment is essential.

Cygilant

Read more about Cybersecurity Experts Discuss: SIEM Enrichment

5 Things to Know When Choosing Open Source SIEM Tools

Oct 14, 2020 By Gedalyah Reback In logz.io

Security Information and Event Management (SIEM) tools focus on insights into IT environments and tracking records of all their operations. These IT environments can be application infrastructures, physical networks, and cloud networks. SIEM initially evolved from the log management discipline, which involved integrating security events with security information to collect, analyze, and report on activities in networks.

logz.io

Read more about 5 Things to Know When Choosing Open Source SIEM Tools

Sumo Logic Cloud SIEM overview

Oct 14, 2020 By Sumo Logic In Sumo Logic

Sumo Logic's Cloud SIEM solution provides security analysts with enhanced visibility to seamlessly monitor their on-prem, hybrid, and multi-cloud infrastructures and thoroughly understand the impact and context of an attack. In addition to supporting a wide spectrum of security use cases, including audit & compliance, Sumo Logic fused analytics and SOC automation to perform security analyst workflows and automatically triage alerts—increasing human efficiencies and enabling analysts to focus on higher-value security functions.

Sumo Logic

Read more about Sumo Logic Cloud SIEM overview

Cybersecurity Experts Discuss: Frameworks & MITRE ATT&CK

Oct 8, 2020 By Steve Harrington In Cygilant

Ben Harrison, Director SOC and Security Services, Cygilant and Jake McCabe, CISSP, Presales Director, LogPoint continue their discussion on modern SOC and SIEM by discussing frameworks. There are many cybersecurity frameworks examples, including NIST and ISO 27001, which provide a roadmap for organizations to protect themselves and their customers. The majority of these frameworks include SIEM, log management, and security detection.

Cygilant

Read more about Cybersecurity Experts Discuss: Frameworks & MITRE ATT&CK

Validating your IT environment, discovering browser extensions & more with EventSentry v4.2

Oct 7, 2020 By ingmar.koecher In EventSentry

This latest update to EventSentry improves your security posture with validation scripts, simplifies IT troubleshooting for both administrators and users, gives you visibility into installed browser extensions along with many other usability improvements in the web reports.

EventSentry

Read more about Validating your IT environment, discovering browser extensions & more with EventSentry v4.2

Data Management on Logsign SIEM: What you must know

Oct 7, 2020 By Raj Pagariya In Logsign

Log data plays an unparalleled role in the operation and functioning of a SIEM solution. Or in other words, logs are intrinsic for an effective SIEM solution. Without incoming log data from a variety of different sources in your IT infrastructure, a SIEM essentially becomes useless. In our previous posts, we have explored a variety of features of Logsign SIEM concerning dashboards, reports, search queries, alerts, and behavior definitions.