Architecture, Data collection and Engineering

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

The Last Watchdog

OCTOBER 23, 2023

And now, early adopters of security data lakes like Snowflake are saving more than two-thirds of what they were paying for their Splunk license. The Cisco acquisition shall exacerbate these challenges and speed up the adoption of security data lakes.

Architecture

Architecture Threat Detection Engineering Data collection

MSSP Focus: Three ways your SIEM (even NG-SIEM) is hurting your ability to grow

CyberSecurity Insiders

SEPTEMBER 22, 2022

SIEMs , in their inherent, built-in bias to complete data collection, means that a security team looking to identify threats will wade through oceans of irrelevant log data in the hopes of uncovering a danger. Instead, many are looking to do a better job of identifying and mitigating threats before they can harm their business.

Data collection

Data collection Technology Threat Detection Marketing

More SRE Lessons for SOC: Simplicity Helps Security

Anton on Security

NOVEMBER 17, 2022

Now, this is really juicy: “Essential complexity is the complexity inherent in a given situation that cannot be removed from a problem definition, whereas accidental complexity is more fluid and can be resolved with engineering effort.” Metrics and associated data collection? This line alone is magical for the SOC!

Engineering

Engineering Software Data collection Architecture

DTEX Systems Achieves Highest Total Score Among Fast Moving Leaders in the 2021 GigaOm Radar Report for UEBA

CyberSecurity Insiders

JANUARY 4, 2022

In addition to the distinction as a fast moving innovative leader, DTEX InTERCEPT received exceptional ratings for its lightweight agent-based deployment architecture, integrated investigation tools, data masking capabilities for end-user privacy, support for distributed endpoint and remote workforce security, and completeness of feature set.

Risk

Risk Data collection Architecture Marketing

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Last Watchdog

JULY 30, 2018

It requires a massive architecture overhaul. To use SIEMs to address today’s increasing list of attacks is akin to attempting to retrofit a minivan with a Ferrari engine on it. Security analysts need the ability to view attacks as they unfold by enriching data collected from across the business with contextual and behavioral insights.

CISO

CISO Cyber Attacks Data collection Cybersecurity

More SRE Lessons for SOC: Simplicity Helps Security

Security Boulevard

NOVEMBER 17, 2022

Now, this is really juicy: “Essential complexity is the complexity inherent in a given situation that cannot be removed from a problem definition, whereas accidental complexity is more fluid and can be resolved with engineering effort.” Metrics and associated data collection? This line alone is magical for the SOC!

Engineering

Engineering Software Data collection Architecture

Rapid7 InsightIDR Review: Features & Benefits

eSecurity Planet

SEPTEMBER 24, 2021

Rapid7 combines threat intelligence , security research, data collection, and analytics in its comprehensive Insight platform, but how does its detection and response solution – InsightIDR – compare to other cybersecurity solutions? Architecture: Identifies network resources and connectivity requirements for agents.

DNS

DNS Technology Cybersecurity Data collection

How Will $1.9 Billion for Cybersecurity Protect American Infrastructure?

CyberSecurity Insiders

SEPTEMBER 29, 2021

Section 40121: Enhancing Grid Security through Public-Private Partnership – The Secretary (Energy), in consultation with the Secretary of Homeland Security and the heads of other relevant Federal agencies, State regulatory authorities, industry stakeholders, and the Electric Reliability Organization, shall carry out a program— (A) to develop, (..)

Energy and Utilities

Energy and Utilities Cybersecurity Technology Architecture

Top MDR Services for 2021

eSecurity Planet

MAY 5, 2021

Key differentiators: Cloud-native architecture for use with cloud systems. The DFIR portion of Vigilance Respond Pro performs deep forensic investigations to identify root causes of vulnerabilities and reverse engineer malware. They provide detailed explanations of how data and machine learning are used to protect their clients.

Threat Detection

Threat Detection Technology Artificial Intelligence Cybersecurity

Best DevSecOps Tools

eSecurity Planet

MARCH 17, 2022

Kibana is a free GUI for organizations working with Elastic’s ELK stack for analyzing and visualizing data from nearly any source. The ELK stack consists of Elasticsearch for JSON-based search and analytics, Logstash for data collection and log parsing, Kibana, and the silent B (Beats for lightweight data shipping).

Penetration Testing

Penetration Testing Software Risk Firewall

Cyber Cyber, Burning Bright: Can XDR Frame Thy Fearful Asymmetry?

McAfee

MAY 26, 2021

EDR provides a natural data-rich progression to XDR on the Gartner 2020 Hype Cycle for Endpoint Security as the “next tech up” to provide meaningful and prescriptive training feedback to emerging AI platforms (e.g., IR Analyst A carried out Steps X, Y, and Z across Controls 1, 2 and 3 to negate Threat A).

Architecture

Architecture Marketing Technology Cybersecurity

The Case for Multi-Vendor Security Integrations

Cisco Security

AUGUST 26, 2022

Data collected from Umbrella can then be routed to Sumo’s Cloud SIEM, where it is then automatically normalized and applied to our rule’s engine. The Fastvue Site Clean engine intelligently interprets Cisco Secure Firewall log data so that non-technical employees can easily see what people are actually doing online.

Firewall

Firewall Authentication Passwords Threat Detection

Mystic Stealer

Security Boulevard

JUNE 15, 2023

As a result, this technique may bypass static antivirus signatures and complicate malware reverse engineering. Common functions include statistics dashboards, malware builders, controlling options and features, credential log and data access, integration configurations, and more. me/+ZjiasReCKmo2N2Rk (Mystic Stealer News).

Cryptocurrency

Cryptocurrency Password Management Malware DNS

34 Most Common Types of Network Security Protections

eSecurity Planet

MARCH 17, 2023

Examples of threatening traffic that IDPS solutions can combat include network intrusions, DDoS attacks, malware, and socially engineered attacks. Within this framework are requirements to minimize lateral movement and impact in breach scenarios as well as data collection and response requirements.

Network Security

Network Security Penetration Testing Firewall Software

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

Best of all, there is no incremental cost based on the volume of data collected. Radio frequency (RF) network and device data collected by Bastille Networks are available in SecureX threat response as an integrated source. Data includes RF Device location information, RF Device packet information, RF Network connectivity.

Technology

Technology Firewall VPN Authentication

APT trends report Q2 2023

SecureList

JULY 27, 2023

We now have better visibility into the group’s tactics, particularly in the areas of lateral movement, data collection and exfiltration. This sophisticated malware, completely rewritten from scratch, exhibits an advanced and complex architecture that makes use of loadable and embedded modules and plugins.

Malware

Malware Government Phishing Social Engineering

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

McAfee

NOVEMBER 12, 2020

More often we find the role of SOC analyst to be one of data wrangler – asking and answering key questions of the ‘data’ to determine if an attack is evident and if so, what is the scope and impact of the adversarial engagement. From Ismael Valenzuela , Senior Principal Engineer, McAfee.

Engineering

Engineering Risk Data collection Cyber Risk

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

Solutions like XDR, SIEM, and MDM platforms, apart from traditional anti-virus products, enable centralized data collection, accelerate analysis, and correlate security events from various sources, facilitating swift response to complex incidents.

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

MSSP Focus: Three ways your SIEM (even NG-SIEM) is hurting your ability to grow

Trending Sources

More SRE Lessons for SOC: Simplicity Helps Security

DTEX Systems Achieves Highest Total Score Among Fast Moving Leaders in the 2021 GigaOm Radar Report for UEBA

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

More SRE Lessons for SOC: Simplicity Helps Security

Rapid7 InsightIDR Review: Features & Benefits

How Will $1.9 Billion for Cybersecurity Protect American Infrastructure?

Top MDR Services for 2021

Best DevSecOps Tools

Cyber Cyber, Burning Bright: Can XDR Frame Thy Fearful Asymmetry?

The Case for Multi-Vendor Security Integrations

Mystic Stealer

34 Most Common Types of Network Security Protections

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

APT trends report Q2 2023

SOCwise: A Security Operation Center (SOC) Resource to Bookmark

Advanced threat predictions for 2024

Stay Connected