Hey, there. This is part six of the Elastic SIEM for home and small business blog series. If you haven’t read the first, second, and third blogs, you may want to before going any further. In the Getting started blog, we created our Elasticsearch Service deployment and started collecting data from one of our computers using Winlogbeat. In the Securing cluster access blog, we secured access to our cluster by restricting privileges for users and Beats.

Like the previous years, 2019 also witnessed the surge in data breaches and cyber-attacks. However, organizations having SIEM or/and SOAR system in place were better than those using traditional security tools. The cyber-attacks in 2019 were mostly related to financial crimes, supply chain attacks, phishing exploits, state-sponsored attacks, Grid attacks, health sector attacks, and attacks on IoT devices. Cybersecurity skills shortage was also one of the major concerns in 2019.

Hey, there. This is part five of the Elastic SIEM for home and small business blog series. If you haven’t read the first, second, and third blogs, you may want to before going any further. In the Getting started blog, we created our Elasticsearch Service deployment and started collecting data from one of our computers using Winlogbeat. In the Securing cluster access blog, we secured access to our cluster by restricting privileges for users and Beats.

With the advancements in technology, our businesses heavily rely on the computers, internet and transfer of massive amounts of data. We communicate via internet, store data on cloud systems, or even conduct our business off-site with the help of internet technologies. As an unavoidable result, the sensitive information regarding our customers and organizations are exposed to cyber threats including hackers, data breaches and more.

Security logs can be kept by the system itself or various applications that aim to provide security or enhance the efficiency of already installed security software. Read our article to learn more about them and for how long you should keep them.

Aiming to provide security for end-point users, end-point security is one of the most discussed components of data protection and cyber security. In this article, we will discuss what end-point security is and why it is important for your business. What is an end-point? An end-point refers to a distant device which has back and forth communication with a specific network. Such devices include desktops and laptops, mobile devices like smartphones and tablets, work stations and servers.

EventSentry v4.1 builds on v4.0 released earlier this year and offers a lot of exciting new & improved features that enhance a variety of different monitoring scenarios.

Defence in depth is an approach to IA. It derives its inspiration from the military strategy with the same name. In this article, we explained what defence in depth involves and why it is useful for your organization.

Nowadays, it’s not uncommon to see enterprise IT leaders in a situation that seems like a catch 22. Oftentimes, they are expected to be involved in making data-driven decisions for augmenting productivity and profitability. Paradoxically, they are preoccupied with what they consider as their core responsibilities – applying best practices to safeguard the IT infrastructure and expediting investigations when incidents occur.

ChatOps is one of the hot topics within the cyber security circles today. In this article, we will take a closer look at what it is and why it is useful especially in incident response.