Latest Posts

Is SIEM Suitable For My Organization?

Many people, when reviewing their security strategy, ask the question “is SIEM suitable for my organization”, or simply “is SIEM right for me?” And for a long time, the answer was “no unless you are a large multinational”. The price, the complexity and the hard-to-get value made SIEM a category suitable only for the big corporations with large security teams and budgets.

LogSentinel Honeypot: Malicious Actors Don't Wait

There’s an unwritten rule that every machine that becomes visible on the internet is under attack in under 5 seconds. We recently deployed our LogSentinel SIEM honeypot with one of our customers and that rule proved correct – malicious requests from all over the world immediately started pouring in on almost all the protocols that we support (SSH, RDP, SMB, HTTP), and they haven’t stopped since.

PSD2 Requirements and Secure Logs

PSD2 is the new EU Directive that aims to open up the banks and allow non-banking institutions to provide payment services. It is a great thing but it comes with many requirements. They are in the form of implementing and delegated acts of the European Commission as well as guidelines of the European Banking Authority. The directive, the implementing acts, and the guidelines are mostly best industry practices with regard to security and risk management.

SIEM Solutions and Data Protection Compliance

Security Information and Event Management (SIEM) systems are vital to every organization. They transform simple event logs from various applications into detailed, in-depth behavior analysis thanks to advanced visualizations and analytics and sometimes machine learning and AI. They cover a broad palette of the most crucial information security issues.

Why Are SIEMs Expensive?

SIEM (Security Information and Event Management) systems have a reputation for being expensive. And that’s generally correct – they can cost hundreds of thousands per year or have huge upfront costs. But why is that? There are several main reasons: All of this is changing. According to Gartner, SIEMs are going to the mid-market and these things don’t hold true there.

Free Ebook: SIEM for Work From Home Security

The number of cyberattacks has increased five-fold after COVID-19, as the pandemic brought new opportunities to cybercriminals. At this rate, cybersecurity threats are estimated to cost the world US $6 trillion a year by 2021. Since remote working became “the new normal”, it also became a growing gateway to new forms of data theft and as a result, companies face significantly increased risk of cyber-attacks and data breaches.

Alert Fatigue And Automation Fatigue

Alert fatigue is a well-known phenomenon with security products – the security team gets a lot of alerts (from the SIEM, for example) and tries to triage and act upon all of them, but at some point there are so many of them, and so few are actual threats, that the security team just ignores them. That leads to both overworked security teams and an increased risk of missing an actual threat. Why is that happening? It’s hard to tune a system right, no matter how flexible it is.

SIEM: What Is SIEM, How It Works, and Useful Resources

SIEM stands for Security Information and Event Management. This technology has existed since the late 1990s. Traditional SIEM has been joined by widely used log management technology that focuses on collecting various types of logs and events for different purposes, such as: SIEM vendors usually provide different combinations of functionalities to offer the benefits listed above.

Using SIEM for Simplifying SOX Compliance

The Sarbanes-Oxley Act (SOX) establishes requirements for the integrity of the source data used in financial transactions and reporting. In particular, auditors are looking at regulated data residing in databases connected to enterprise applications. To prove the integrity of financial data, companies must extend audit processes to the financial information stored within corporate databases.