Category: Blog post
-
Use the SOC CMM as a baseline for assessment of the right SIEM you might need to consider
Here is another approach for assessing the right SIEM product, based on the SOC-CMM. There are 3 main categories to consider: 1) the basic and fundamental features of the SIEM; 2) the security analytics requirement; 3) the automation and orchestration requirement. The table below lists the topics to consider for…
-
SIEM Assessment via Yes, No approaches
Many companies need to assess which product is the right Security Information and Event Management (SIEM) tool, which is considered the core product of the Security Operations Center (SOC). Here there are 4 main general categories of yes/no questions to consider. This approach is the…
-
A quick review on Cyber Security Challenges
Introduction: As our world becomes more and more digital, cyber security challenges have become increasingly important. Cyber security is the practice of protecting computer systems, networks, and data from theft, damage, or unauthorized access. With the rise of cyber attacks, companies and organizations must implement effective cyber security measures to protect their sensitive information and…
-
Adapting to the Evolving Cybersecurity Landscape: Strategies for Preventing and Detecting Threats
Introduction: The cybersecurity landscape has changed significantly in recent years, with cybercriminals becoming increasingly sophisticated and targeting organizations of all sizes and industries. The COVID-19 pandemic has further amplified this trend, with remote work and the increased use of online services creating new cybersecurity risks. As a result, cybersecurity professionals must stay vigilant and adopt…
-
Is predefined correlation useful?
Introduction: Security Information and Event Management (SIEM) solutions are designed to help organizations detect and respond to security threats in real-time. These solutions collect and correlate data from various sources, including network and security devices, to identify security incidents. One of the key features of SIEM solutions is the ability to use predefined threat correlation…
-
A quick review on Modern SIEM and Traditional SIEM
Modern SIEM vs Traditional SIEM. I. Introduction. A. Definition of SIEM: Security Information and Event Management (SIEM) is a technology that allows organizations to collect, analyze, and correlate security events and information from various sources, including network devices, servers, and applications. B. Purpose of the white paper: This white paper aims to provide a comparison…
-
SIEM, SOAR and The Hive Cortex
The Hive: In today’s world, cybersecurity threats are more prevalent than ever before. Companies are facing a growing number of threats, including malware, phishing attacks, ransomware, and more. To combat these threats, many companies are turning to Security Information and Event Management (SIEM) systems to monitor their networks and detect potential threats in real-time. However,…
-
Do you think your SIEM is enough?
Is Your SIEM Working Well Enough? Many companies use Security Information and Event Management (SIEM) technology to support their cybersecurity programs. SIEM allows for the real-time collection and historical analysis of security events from a wide variety of sources, helping to detect threats and support incident response. However, it is important to ensure that your…
-
Is Your SIEM Working Well Enough? An Introduction to Threat-Informed Security Monitoring
In today’s world, cybersecurity threats are more prevalent than ever before. Companies are facing a growing number of threats, including malware, phishing attacks, ransomware, and more. To combat these threats, many companies are turning to Security Information and Event Management (SIEM) systems to monitor their networks and detect potential threats in real-time. However, simply deploying…