SIEM Vendor Important Links Overview
It's very common for people to ask for learning and support sources on SIEM; here's an overview of such information. Microsoft Azure Sentinel DOCUMENTATION https://aka.ms/ »
5 September 2023, I spoke at the Cyber Security Summit in Singapore about "Cyber Threat Intelligence Use Cases". CTI USE CASE 0: Keyword Repository CTI USE »
Recently I had the opportunity to present to a group of Cyber Security Professionals on the topic of SIEM and SOC. It's a summary of most »
I have studied the SANS GCTI and EC-Council CTIA Cyber Threat Intelligence (CTI) certificates quite extensively and have attempted to summarize the 20% of the knowledge »
UPDATE: Based on feedback I have adjusted the model to a v2.0 version. Within Cyber Security Operation Centers everywhere in the world, everyday new "freshers" »
Anybody that has been working in (or with) the Cyber Threat Intelligence (CTI) industry has probably come to the conclusion that not all CTI vendors cover »
Currently there are many cyber security vendors out there that provide solutions that offer "AI" (artificial intelligence) or "ML" (machine learning) without specifying what that actually »
TLDR: Here is a summary. As cloud platforms are rapidly being adopted around the world, organizations' dependency on additional SaaS, PaaS and IaaS vendors »
In 2014 I wrote an article on the hard question of "Which SIEM use cases have the most value/effect for the organization?" during my years in »
Within the last few years there has been a mainstream trend of the idea of "Fake News" or in other terms "disinformation". Before we step into »
On-Premise SIEM vs. Cloud-Native Comparison In recent years there has been a shift within the SIEM landscape with regard to the focus of monitoring not only »
I recently created a blog post where I proposed the OODA loop as part of a central SOC strategy. I've received lots of positive feedback from »
The last couple of years Threat Intelligence Platforms (TIP) have been increasingly more popular in many global Security Operation Centers (SOC). With this technology there comes »
In the last few years within the Cyber Security Operations Center (SOC) domain, several new technologies have been trending that enhance SOC capabilities. In particular I want »
With the emergence of SOAR technologies within the Security Operations domain it is clear that this technology has provided great value to departments swamped with tons »
What is a Use Case Framework? A Use Case Framework is an analytical tool that has a series of cyber security related distinctions which are translated »
Security Analytics is an overused buzzword in the security industry. But what is it? What can you do with it? And who can use it? »
RedSocks released a Malware Threat Detector appliance which uses netflow in correlation with Threat intelligence feeds and Heuristic patterns (Detection Only/IDS). I hooked it up »
Goal/Why? This article will describe models and processes to deal with two existing components of the SIEM Use case problem. Prevent organizations from building ineffective »
With the following three models I would like to show: alerting happens at maturity level 2/3 and in-depth analysis at maturity level 4/5 (first »