SIEM

10 min read

The Great Correlate Debate SIEMs have been pitched in the past as "correlation engines" and their special algorithms can take in volumes of logs and filter everything down to just...

SECURITY

Matt Valites

Getting a Handle on Your Data

9 min read

When your incident response team gets access to a new log data source, chances are that the events may not only contain an entirely different type of data, but may also be formatted differently than any log data source you already have. Having a data collection and organization standard will ease management and analysis of […]

SECURITY

Matt Valites

Making Boring Logs Interesting

6 min read

This post centers around the practice of logging data - data from applications, devices, and networks - and how the components of data logging can help in the identification and remediation of network events.

SECURITY

Jeff Bollinger

Big Security—Mining Mountains of Log Data to Find Bad Stuff

4 min read

Your network, servers, and a horde of laptops have been hacked. You might suspect it, or you might think it’s not possible, but it’s happened already. What’s your next move? The dilemma of the “next move” is that you can only discover an attack either as it’s happening, or after it’s already happened. In most […]

SECURITY

Scott Pope

More Effective Threat Visibility Using Identity and Device-Type Context

3 min read

The focus of this post is on the use of ISE in collaboration with existing Security Event & Information Management (SIEM) and Threat Defense (TD) systems.to help customers automate the analysis of which security events in an environment require immediate attention more accurately and quickly.

SIEM

To SIEM or Not to SIEM? Part II

Getting a Handle on Your Data

Making Boring Logs Interesting

Big Security—Mining Mountains of Log Data to Find Bad Stuff

More Effective Threat Visibility Using Identity and Device-Type Context

CONNECT WITH US