Security Information and Event Management (SIEM) is a critical tool in modern cybersecurity, combining Security Information Management (SIM) and Security Event Management (SEM) to provide real-time monitoring, threat detection and incident response. Obrela’s SIEM solutions collect and analyse security data from various sources to provide a comprehensive view of the security landscape.

Vendor risk monitoring is the process of continuously identifying, assessing, and managing security risks associated with third-party vendors. This effort is crucial to a successful Vendor Risk Management program as it ensures an organization’s third-party risk exposures remain within acceptable levels throughout each vendor's lifecycle.

The effectiveness of your entire Vendor Risk Management program is contingent on your vendor risk monitoring capabilities. Insufficient vendor security monitoring that fails to detect cyber risks during onboarding or any new cybersecurity risks throughout the vendor lifecycle will inevitably emerge later on as a major breach risk. To help you choose a vendor risk monitoring solution that will maximize your VRM investment, this post ranks the top eight vendor monitoring platforms on the market in 2024.

Every day, new headlines emerge about another major corporation falling victim to a cyberattack, leaving businesses everywhere questioning their vulnerabilities. These breaches underscore the critical need for thorough risk assessments to identify and mitigate potential weaknesses. Proactively managing risks enables organizations to better defend against the relentless wave of cyber threats.

Like any chain, a software supply chain contains many links. These links consist of every actor involved in the development & deployment of your code in the Software Development Life Cycle (SDLC). An actor can be the developers, infrastructure components, and even repositories like GitHub. A company might have a very secure supply chain. However, it will only be as strong as its weakest link.

The enterprise technology landscape has changed significantly, driven by the rapid adoption of cloud technologies, evolving IT infrastructures, and evolving exploitation activities. This transformation requires that organizations take an updated approach to vulnerability management—one that goes beyond the traditional focus on patch management to encompass a broader spectrum of risks.

Howdy folks, it’s your friendly neighborhood transformational detection engineering evangelist Haylee Mills here. Maybe you’ve already been introduced to risk-based alerting, or maybe you’ve seen one of my many talks on the subject: Even if you haven’t, I’m super excited to share a brand new version of my step-by-step guide to success with the risk-based alerting framework!

In today’s business environment, cost reduction is a top priority for many organizations. Companies are increasingly adopting technologies that automate tasks and enhance efficiencies to achieve cost savings. However, minimizing risk should also be a key objective for every business.

From ransomware attacks to data breaches, the threats lurking within supply chains are more pervasive than you might realize. Many security teams aren’t aware of the various supply chain cyber risks lurking within their network, most of which are difficult to detect, manage, and mitigate. Let’s explore how to achieve a more secure and resilient supply chain.

Over the last month there have been some updates about the mysterious 7777 botnet—which was first mentioned in this post in October 2023. Until now, it was known that the botnet was made up of TP-LINK routers and that it was being used to execute very low volume and controlled brute force attacks on Microsoft 365 services targeting corporate accounts. In our continuous efforts to have all sorts of malware families under our radar, the 7777 botnet is no exception.