Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Logging

Penetration Testing: Practical Introduction & Tutorials

You’ve built an awesome business — it is booming and making money. You’ve streamlined all the processes and operations. Business is good. But, when you build something great, it attracts cyber criminals. Your business is valuable to you and cybercriminals can leverage it. That’s why security is important. You can use different security approaches to secure your application, infrastructure and network. In this post we’ll focus on one such approach: penetration testing.

An Introduction to Windows Event Logs

The value of log files goes far beyond their traditional remit of diagnosing and troubleshooting issues reported in production. They provide a wealth of information about your systems’ health and behavior, helping you spot issues as they emerge. By aggregating and analyzing your log file data in real time, you can proactively monitor your network, servers, user workstations, and applications for signs of trouble.

Flow Use Case: Automate Continuous Firewall Traffic Monitoring

This Flow allows you to monitor all the traffic from your firewall by correlating it against a table that contains malicious IP addresses. If there is a match, Flow will generate an enriched event that will be logged in a designated my.app table. From this new table, you can take further action by creating detection rules to identify threats that put your organization at risk. Table of Contents.

Data Eats the World: You'll Consume It Intelligently with the Autonomous SOC

“Software is eating the world.” That phrase entered the high-tech lexicon in 2011, courtesy of Marc Andreessen, co-founder of both Netscape and venture capital firm Andreessen Horowitz. His thesis is proven time and again. If you substitute data for software, it amplifies the power of Andreessen’s observation. Consider the following statistics on how much data is created every day: Technology users alone generate more than 1.145 trillion MB of data every day!

Flow Use Case: Automate Continuous Firewall Traffic Monitoring

This Flow allows you to monitor all the traffic from your firewall by correlating it against a table that contains malicious IP addresses. If there is a match, Flow will generate an enriched event that will be logged in a designated my.app table. From this new table, you can take further action by creating detection rules to identify threats that put your organization at risk. Table of Contents.

Reducing Splunk spend with LimaCharlie

Endpoints as well as applications such as AWS, Google Cloud, Office 365, 1Password, Slack, and thousands of others produce vast amounts of data. The volume of security data is growing, and this growth will continue for the foreseeable future. This, in turn, leads to several challenges: To solve these problems, many companies have adopted Splunk as their SIEM (security information and event management) platform.

Graylog Security - The Affordable SIEM Alternative

Cyber resiliency is the new norm in cybersecurity. Nothing can be 100% secure, and you’re looking for a cost-effective solution to enhance your security posture. At the same time, the rapidly expanding cybersecurity technology market makes it hard to find something that best fits your needs. Most people looking at Security Information and Event Management (SIEM) platforms want a tool that gives them high fidelity alerts to prevent their security analysts from drowning in false positives.