Tag: Threat detection
-
Detection-First SIEM: Rule Types, Dashboards, and Strategic Visibility
“You can collect all the logs in the world, but if you can’t detect, you’re just archiving risk.” Modern SIEMs aren’t just log aggregators—they are the analytical backbone of security operations. But to unlock their value, you need more than ingestion and alerts. You need detection-first thinking. This post outlines the real strategy behind detection-first…
-
A quick review on SIEM Implementation Technical Capability and Maturity Model
Introduction Security Information and Event Management (SIEM) solutions are essential components of modern cybersecurity architectures. These solutions enable organizations to collect, correlate, and analyze security-related data from various sources, including logs, network traffic, and endpoint devices. By providing real-time threat detection and incident response capabilities, SIEM solutions help organizations protect their assets and data from…
-
Threat modelling for threat detection
Introduction: Security operations centers (SOCs) play a critical role in protecting an organization’s assets and infrastructure. Threat modeling is a critical component of modern security practices and allows SOCs to identify, analyze, and prioritize potential security threats. In this paper, we will focus on the use of the attack tree method and the MITRE Matrix…
-
Using of Threat intelligence platform for successful threat detection and useful correlation in SIEM
Introduction: Threat intelligence is a critical component of modern cyber security, providing organizations with the information they need to detect and respond to emerging threats. One of the most effective ways to leverage threat intelligence is through the use of a Threat Intelligence Platform (TIP), which can provide organizations with the ability to detect, track,…
ReZaAdineH 