SIEM

tripwire

What is a SIEM, And Why Should You Have One?

SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat detection, better enable incident investigation, and speed up your incident response time, while also giving you a unified, holistic view of your infrastructure.

devo

How Devo Is Working with Google Cloud IDS to Deliver Greater SOC Visibility with Integrated Security Tools

As the only cloud-native logging and security analytics platform that enables organizations to take full advantage of all of their data to run and secure their business, Devo is committed to working with other leading security technology providers to bring advanced capabilities to our customers. That’s why we’re pleased to announce an integration with Google Cloud IDS.

Encryption in the Enterprise: What gets encrypted

In this webinar cut, we are going to review what kind of data should get encrypted in the enterprise.

About the Speaker: Bozhidar Bozhanov is co-founder and CEO at LogSentinel. He is a senior software engineer and solution architect with over 10 years of experience in the software industry. Bozhidar has been a speaker at numerous conferences and is among the popular bloggers and influencers in the technical field. He is one of the top-ranked users on Stack Overflow and his tech blog is recognized as one of the top Java developer blogs by international online media.

logsentinel

SQL Injections: Is There a Way for Real-Time Tracking and Prevention?

SQL injection (SQLi) is one of the most common code-injection techniques used to get information from one’s database. Generally speaking, it is the placing of malicious code in one’s database via a page input, most often a registration form. SQL injection usually occurs when you ask a user for input, like their username/user ID, and instead of a name/ID, the user gives you an SQL statement that you will unknowingly run on your database.

logsentinel

SAP Security Monitoring and Why Is It Important

Security is a key element required by any enterprise technology for ensuring business success and growth as well as the trust of its buyers. But where to start in setting up a security posture in your SAP environment? As a security specialist, you know your customers are usually only a click away from your services and products. Your clients might only notice technical deficiencies and will not get into detail about the security aspects of all the systems you use.

logsentinel

Kaseya Ransomware Attack: How It Affects MSSPs and SMEs, and What to Do to Prevent It

A cybercrime organization with Russian origins called REvil claims to have infected 1 million systems across 17 countries. It is now demanding $70 million in bitcoins in exchange for a “universal decryptor” that will return users’ access. Hackers targeted the US IT company Kaseya, and then used that company’s software to infiltrate the victims’ systems, using a zero-day vulnerability.

devo

Cloud Security Best Practices: Four Tips for Moving Security Technologies to the Cloud

In my previous post, I discussed cloud-computing security challenges identified in our new report, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits. Based on a survey conducted by Enterprise Strategy Group (ESG), the report found that while cloud computing does initially introduce security challenges and increased complexity, it’s worth it in the end. That said, CISOs need to strategically invest time and resources to achieve better security outcomes.

Kaseya Ransomware Attack: How Did It Affect the MSSPs And What To Do To Prevent The Risk?

Kaseya Ransomware Attack: A cybercrime organization with Russian origins called REvil claims to have infected 1 million systems across 17 countries. It is now demanding $70 million in bitcoins in exchange for a “universal decryptor” that will return users’ access. Hackers targeted the US IT company Kaseya, and then used that company’s software to infiltrate the victims’ systems, using a zero-day vulnerability.

devo

Detection and Investigation Using Devo: REvil Ransomware Kaseya VSA

On July 3, 2021, Kaseya reported a potential attack against its Virtual System/Server Administrator (VSA) that apparently had been limited to a small number of on-premises customers. Kaseya recommended an immediate shutdown of the VSA server until further notice. The small number of affected customers grew to thousands in just a few hours.