Tag: reza Adineh
-
OSINT against Threats
Introduction: Open Source Intelligence (OSINT) is the practice of collecting and analyzing publicly available information to gain insights into a particular subject or entity. In the realm of cybersecurity, OSINT can be an incredibly useful tool for threat hunting. By using OSINT, security teams can gather information about potential threats, including information about vulnerabilities, attacker…
-
Using Threat Intelligence to Conduct Effective Threat Hunting
Introduction Threat hunting is a proactive approach to detecting and responding to advanced cyber threats. The goal of threat hunting is to identify and mitigate potential threats before they can cause harm to an organization’s assets. Threat intelligence is an essential component of effective threat hunting. This white paper will explore the role of threat…
-
Use the SOC-CMM as a baseline for assessing which SIEM you might need
Here is another approach to assessing the right SIEM product, based on the SOC-CMM. There are 3 main categories to consider: 1. The basic and fundamental features of the SIEM; 2. The security analytics requirement; 3. The automation and orchestration requirement. In the table below we can see the topics to consider for…
-
SIEM Assessment via a Yes/No Approach
In many cases companies need to assess the right product to use as their Security Information and Event Management (SIEM) tool, which is considered the core product of the Security Operations Center (SOC). Here there are 4 main general categories of yes/no questions to consider. This approach is the…
-
A quick review on Cyber Security Challenges
Introduction As our world becomes more and more digital, cyber security challenges have become increasingly important. Cyber security is the practice of protecting computer systems, networks, and data from theft, damage, or unauthorized access. With the rise of cyber attacks, companies and organizations must implement effective cyber security measures to protect their sensitive information and…
-
Adapting to the Evolving Cybersecurity Landscape: Strategies for Preventing and Detecting Threats
Introduction: The cybersecurity landscape has changed significantly in recent years, with cybercriminals becoming increasingly sophisticated and targeting organizations of all sizes and industries. The COVID-19 pandemic has further amplified this trend, with remote work and the increased use of online services creating new cybersecurity risks. As a result, cybersecurity professionals must stay vigilant and adopt…
-
Is predefined correlation useful?
Introduction: Security Information and Event Management (SIEM) solutions are designed to help organizations detect and respond to security threats in real time. These solutions collect and correlate data from various sources, including network and security devices, to identify security incidents. One of the key features of SIEM solutions is the ability to use predefined threat correlation…
-
A quick review on Modern SIEM and Traditional SIEM
Modern SIEM vs Traditional SIEM I. Introduction A. Definition of SIEM Security Information and Event Management (SIEM) is a technology that allows organizations to collect, analyze, and correlate security events and information from various sources, including network devices, servers, and applications. B. Purpose of the white paper This white paper aims to provide a comparison…
-
SIEM, SOAR and The Hive Cortex
The hive In today’s world, cybersecurity threats are more prevalent than ever before. Companies are facing a growing number of threats, including malware, phishing attacks, ransomware, and more. To combat these threats, many companies are turning to Security Information and Event Management (SIEM) systems to monitor their networks and detect potential threats in real-time. However,…