Pick up any industry and you will realize that every one has gone through an evolution – from being entirely dependent on humans to being now run majorly by machines and automated processes. There comes a point, for every industry, where in order to function efficiently and effectively operate, automation becomes a necessity.

In the world of globalization, technology is being capitalized in every walk of life. People are transforming their routine works into machine-based automated tasks. The same is happening in the case of cybersecurity. SOAR solution, as one of the most effective cybersecurity solutions, provides security orchestration, automation, and response that help security analysts to manage and respond to numerous alarms at rapid speed.

As per Gartner definition, SOAR is the set of technologies that allow enterprises to collect security threats’ alerts and data from multiple sources, and then perform incident analysis and remediation process by using both human skills and machine power together to help in defining, prioritizing, and driving standardized incident response activities in accordance with a standard workflow.

In the second part, we will take the discussion forward from where we left in the first part. Earlier, we have discussed the basics of threat intelligence and its types. In this post, we will discuss various considerations while building a threat intelligence plan.

Easy deployment, an interface to be used intuitively and easily and a rule-based alert, bucket, dashboard and reports are the factors creating the simplicity mindset behind Logsign, who believes in “Simplicity is the ultimate sophistication”. The user interface used for the SOC teams’ threat and anomaly analysis has been designed in order to be understood easily and simply.

In the previous post, we discussed the basics of Threat Intelligence and its types by throwing light on the concept of knowns and unknowns. In information security, any information which can aid the internal security team in the decision-making process and reduce the recovery time accordingly is considered as threat intelligence. This first part in this series of articles will discuss threat intelligence cycle and its importance.

Information leakage of threat intelligence, incident data, and status data can have several legal consequences for organizations. Information leakage can occur due to the misconduct of disgruntled employees or results in by virtue of a nefarious cyber-attack. The underlying sections will take a deep dive into two different scenarios—namely, The Trauma of IP Address Leakage and The Menace of Product Vulnerability Leakage.

The phrase Threat Intelligence has slowly gained significance in the information security community and their discussions. With the decision makers considering it as a high priority requirement, vendors have launched an array of products which are indeed confusing for an executive with the managerial background. This is an introductory post in our series of detailed discussion on threat intelligence.

Logsign proudly announces that our customers now have the opportunity to deploy Logsign on the Microsoft Azure cloud platform. As a next-gen, all-in one SIEM solution, Logsign primarily focuses on security intelligence, log management and easier compliance reporting for cloud, physical and virtual environments. In addition, Logsign unifies the view and monitoring of cloud and on-premises environments, and increases awareness via smartly designed, security-oriented dashboards.

Data generated by various devices connected in a network and operations being carried out on them is called as log data and we have already discussed why log management is important, considering the exponentially increasing number of attacks and their sophistication. Further, in the last blog post, we dealt with questions that you must your cloud-based log management service provider.