Author: ReZa AdineH
-
A quick review on Cyber Security Challenges
Introduction: As our world becomes more and more digital, cyber security challenges have become increasingly important. Cyber security is the practice of protecting computer systems, networks, and data from theft, damage, or unauthorized access. With the rise of cyber attacks, companies and organizations must implement effective cyber security measures to protect their sensitive information and…
-
Adapting to the Evolving Cybersecurity Landscape: Strategies for Preventing and Detecting Threats
Introduction: The cybersecurity landscape has changed significantly in recent years, with cybercriminals becoming increasingly sophisticated and targeting organizations of all sizes and industries. The COVID-19 pandemic has further amplified this trend, with remote work and the increased use of online services creating new cybersecurity risks. As a result, cybersecurity professionals must stay vigilant and adopt…
-
Is predefined correlation useful?
Introduction: Security Information and Event Management (SIEM) solutions are designed to help organizations detect and respond to security threats in real-time. These solutions collect and correlate data from various sources, including network and security devices, to identify security incidents. One of the key features of SIEM solutions is the ability to use predefined threat correlation…
-
A quick review on Modern SIEM and Traditional SIEM
Modern SIEM vs Traditional SIEM. I. Introduction. A. Definition of SIEM: Security Information and Event Management (SIEM) is a technology that allows organizations to collect, analyze, and correlate security events and information from various sources, including network devices, servers, and applications. B. Purpose of the white paper: This white paper aims to provide a comparison…
-
SIEM, SOAR and The Hive Cortex
The hive: In today’s world, cybersecurity threats are more prevalent than ever before. Companies are facing a growing number of threats, including malware, phishing attacks, ransomware, and more. To combat these threats, many companies are turning to Security Information and Event Management (SIEM) systems to monitor their networks and detect potential threats in real-time. However,…
-
Do you think your SIEM is enough?
Is Your SIEM Working Well Enough? Many companies use Security Information and Event Management (SIEM) technology to support their cybersecurity programs. SIEM allows for the real-time collection and historical analysis of security events from a wide variety of sources, helping to detect threats and support incident response. However, it is important to ensure that your…
-
Is Your SIEM Working Well Enough? An Introduction to Threat-Informed Security Monitoring
In today’s world, cybersecurity threats are more prevalent than ever before. Companies are facing a growing number of threats, including malware, phishing attacks, ransomware, and more. To combat these threats, many companies are turning to Security Information and Event Management (SIEM) systems to monitor their networks and detect potential threats in real-time. However, simply deploying…
-
Building a Comprehensive Security Posture: The Zero Trust Architecture
Introduction: In today’s constantly evolving cyber threat landscape, it is essential to implement a comprehensive cybersecurity infrastructure that utilizes centralized integrated threat detection methods. One approach that has gained popularity is the Zero Trust architecture, which considers all entities as untrusted by default and requires explicit authentication and authorization for accessing resources. This paradigm shift…
-
A quick review on SANS SEC 555 course on SIEM with technical analytics
SIEM with Tactical Analytics: A Technical White Paper. Introduction: The purpose of this white paper is to provide an overview of the SANS SEC 555 course, “SIEM with Tactical Analytics.” This comprehensive training program is designed to teach security professionals how to implement and effectively use a Security Information and Event Management (SIEM) system. The…
-
Unlocking the Power of SIEM for Threat Detection and Incident Response
Introduction: Security Information and Event Management (SIEM) is an important tool for protecting an organization’s assets and infrastructure. It provides real-time threat detection and analysis capabilities through the collection and analysis of security events from a variety of sources. In this paper, we will discuss the goals and key components of a SIEM, as well…