Pick up any industry and you will realize that every one has gone through an evolution – from being entirely dependent on humans to being now run majorly by machines and automated processes. There comes a point, for every industry, where in order to function efficiently and effectively operate, automation becomes a necessity.

In the world of globalization, technology is being capitalized in every walk of life. People are transforming their routine works into machine-based automated tasks. The same is happening in the case of cybersecurity. SOAR solution, as one of the most effective cybersecurity solutions, provides security orchestration, automation, and response that help security analysts to manage and respond to numerous alarms at rapid speed.

As per Gartner definition, SOAR is the set of technologies that allow enterprises to collect security threats’ alerts and data from multiple sources, and then perform incident analysis and remediation process by using both human skills and machine power together to help in defining, prioritizing, and driving standardized incident response activities in accordance with a standard workflow.

In the second part, we will take the discussion forward from where we left in the first part. Earlier, we have discussed the basics of threat intelligence and its types. In this post, we will discuss various considerations while building a threat intelligence plan.

Easy deployment, an interface to be used intuitively and easily and a rule-based alert, bucket, dashboard and reports are the factors creating the simplicity mindset behind Logsign, who believes in “Simplicity is the ultimate sophistication”. The user interface used for the SOC teams’ threat and anomaly analysis has been designed in order to be understood easily and simply.

In the previous post, we discussed the basics of Threat Intelligence and its types by throwing light on the concept of knowns and unknowns. In information security, any information which can aid the internal security team in the decision-making process and reduce the recovery time accordingly is considered as threat intelligence. This first part in this series of articles will discuss threat intelligence cycle and its importance.

Information leakage of threat intelligence, incident data, and status data can have several legal consequences for organizations. Information leakage can occur due to the misconduct of disgruntled employees or results in by virtue of a nefarious cyber-attack. The underlying sections will take a deep dive into two different scenarios—namely, The Trauma of IP Address Leakage and The Menace of Product Vulnerability Leakage.

The phrase Threat Intelligence has slowly gained significance in the information security community and their discussions. With the decision makers considering it as a high priority requirement, vendors have launched an array of products which are indeed confusing for an executive with the managerial background. This is an introductory post in our series of detailed discussion on threat intelligence.

Logsign proudly announces that our customers now have the opportunity to deploy Logsign on the Microsoft Azure cloud platform. As a next-gen, all-in one SIEM solution, Logsign primarily focuses on security intelligence, log management and easier compliance reporting for cloud, physical and virtual environments. In addition, Logsign unifies the view and monitoring of cloud and on-premises environments, and increases awareness via smartly designed, security-oriented dashboards.

From performance information to fault and intrusion detection, logs can provide you a lot more things with regard to what is happening on your systems and network along with the timestamps and order of the events. Logs can be invaluable for resource management, instruction detection, and troubleshooting. More importantly, logs can provide an admissible evidence for forensic purposes in the aftermath of an incident. The following sections provide a deep dive into some use-cases of logs.