SIEM (Security Information and Event Management) solutions are critical for monitoring and detecting potential security threats within an organization’s network. However, the effectiveness of a SIEM solution depends on how well it is tuned. A poorly tuned SIEM solution can generate a large number of false positives, which can lead to alert fatigue and make […]
SOAR (Security Orchestration, Automation, and Response) is a framework that combines security operations, automation, and response to detect, analyze, and respond to security incidents. SOAR helps organizations streamline their security operations by automating repetitive tasks, reducing response times, and improving the overall efficiency of their security operations. Implementing SOAR within an organization can be a […]
This article will focus mainly on important considerations when it comes to SIEM implementation. It also exposes some oversights during the run phase.
Only a few minutes before the end of 2017, a heavy year on cybersecurity from huge breaches through ransomware spreading and new vulnerabilities disclosers, to new defense technologies loudly evolving all around. I feel however almost tactless when I look the other way around and try to depict all of this in the real-world projects […]
As a starting point, a good basic understanding of possible Treat Intelligence integrations is a must. This will allow us to imagine fitting basic setup and future evolutions as TI operations mature inside the organization. We can form our first TI integration strategy on simple…
Equifax and Deloitte breaches detection took months! Why is it the case for big firms like Equifax & Deloitte? A SOC specialist analysis.
Indicators of Compromise (IOC) are items of forensic data (like information found in event logs or network flows), that highly indicate conceivably nasty activity in an organization’s system…
It has been 4 days now that OurMine claimed have been able to leak more than 3TB of corporate information’s from VEVO. As you probably already know, OurMine’s recent targets included also