Tag: reza Adineh
-
A quick review on the evolution of SIEM over the past decade.
In the early days of SIEM, the focus was primarily on log management and compliance reporting. However, as the threat landscape has evolved, the capabilities of SIEM solutions have expanded to include real-time threat detection and response. Today, SIEM solutions are seen as a critical component of an organization’s security infrastructure, providing a centralized view…
-
A quick review on SIEM deployment
SIEM (Security Information and Event Management) is a critical component of an organization’s security infrastructure, providing a centralized platform for the collection, analysis, and correlation of security-related data from a variety of sources. A properly deployed SIEM can provide organizations with real-time visibility into their security posture, enabling them to quickly identify and…
-
A quick review on Splunk
time operational intelligence. With its ability to collect, store, and analyze large amounts of machine-generated data, Splunk has become a popular solution for organizations looking to improve their security operations and incident response capabilities. Technical Architecture: Splunk is built on a distributed architecture that allows organizations to easily scale the platform to meet their specific…
-
Technical checklist for evaluating a SIEM:
Here are some general points to consider for SIEM evaluation. Note: This checklist is meant to be a general guide, and the factors to consider may vary based on the specific requirements of your organization.
-
A quick review on MISP Malware Information Sharing Platform and Threat Sharing
Introduction: MISP (Malware Information Sharing Platform and Threat Sharing) is an open-source platform for sharing and exchanging threat intelligence information. It is designed to allow organizations to collaborate and share information about emerging cyber threats, as well as to provide a centralized repository for storing and managing threat intelligence data. Features and Functionality: MISP provides…
-
How to build a complete solution for security operations and security monitoring using the best open source tools
Introduction: In the modern threat landscape, security operations and security monitoring are critical components of an organization’s overall security posture. In order to effectively detect and respond to threats, organizations require a comprehensive and integrated security solution that includes a range of tools and technologies. While commercial security solutions can be effective, they can also…
-
A quick review on successful forensic investigation key factors
Forensic investigations play a critical role in determining the cause and extent of security incidents, and in gathering evidence that can be used to prosecute the perpetrators. A successful forensic investigation requires a thorough understanding of the underlying technology and techniques, as well as a systematic approach to the investigation process. The following are some…