Tag: Cyber Security
-
Building a Comprehensive Security Posture: The Zero Trust Architecture
Introduction: In today’s constantly evolving cyber threat landscape, it is essential to implement a comprehensive cybersecurity infrastructure that utilizes centralized integrated threat detection methods. One approach that has gained popularity is the Zero Trust architecture, which considers all entities as untrusted by default and requires explicit authentication and authorization for accessing resources. This paradigm shift…
-
A quick review on SANS SEC 555 course on SIEM with technical analytics
SIEM with Tactical Analytics: A Technical White Paper Introduction: The purpose of this white paper is to provide an overview of the SANS SEC 555 course, “SIEM with Tactical Analytics.” This comprehensive training program is designed to teach security professionals how to implement and effectively use a Security Information and Event Management (SIEM) system. The…
-
Unlocking the Power of SIEM for Threat Detection and Incident Response”
Introduction: Security Information and Event Management (SIEM) is an important tool for protecting an organization’s assets and infrastructure. It provides real-time threat detection and analysis capabilities through the collection and analysis of security events from a variety of sources. In this paper, we will discuss the goals and key components of a SIEM, as well…
-
Threat modelling for threat detection
Introduction: Security operations centers (SOCs) play a critical role in protecting an organization’s assets and infrastructure. Threat modeling is a critical component of modern security practices and allows SOCs to identify, analyze, and prioritize potential security threats. In this paper, we will focus on the use of the attack tree method and the MITRE Matrix…
-
Zero Trust Architecture
Introduction: Zero trust architecture is a cybersecurity approach that assumes that all network traffic is untrusted until proven otherwise. This means that every device, user, and system must be authenticated and authorized before being granted access to the network. Zero trust architecture helps to reduce the attack surface, minimize the risk of data breaches, and…
-
A quick review on Cyber Threats trends and perspective
Introduction: Cybersecurity has become a critical issue for organizations in all industries as the number and sophistication of cyber threats continue to increase. In order to effectively defend against these threats, organizations must have a clear understanding of the current trends and perspectives in the cyber threat landscape. In this technical white paper, we will…
-
A quick review on the evolution of SIEM over the past decade.
In the early days of SIEM, the focus was primarily on log management and compliance reporting. However, as the threat landscape has evolved, the capabilities of SIEM solutions have expanded to include real-time threat detection and response. Today, SIEM solutions are seen as a critical component of an organization’s security infrastructure, providing a centralized view…
-
A quick review on SIEM deployment
SIEM deployment SIEM (Security Information and Event Management) is a critical component of an organization’s security infrastructure, providing a centralized platform for the collection, analysis, and correlation of security-related data from a variety of sources. A properly deployed SIEM can provide organizations with real-time visibility into their security posture, enabling them to quickly identify and…
-
how to build a complete solution for security operation and security monitoring using best open source
Introduction: In the modern threat landscape, security operations and security monitoring are critical components of an organization’s overall security posture. In order to effectively detect and respond to threats, organizations require a comprehensive and integrated security solution that includes a range of tools and technologies. While commercial security solutions can be effective, they can also…
-
A quick review on successful forensic investigation key factors
Forensic investigations play a critical role in determining the cause and extent of security incidents, and in gathering evidence that can be used to prosecute the perpetrators. A successful forensic investigation requires a thorough understanding of the underlying technology and techniques, as well as a systematic approach to the investigation process. The following are some…
ReZaAdineH 