Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

SIEM Integration on the Indusface WAS

Indusface WAS integrates with all major Security Information & Event Management (SIEM) providers that integrate with Amazon S3. With this integration, you can push logs from Indusface WAS into leading SIEM providers like SumoLogic, RSA, Splunk, and McAfee. Given the complexity of modern architectures encompassing multiple security devices and environments, organizations increasingly rely on SIEM solutions.

How to Augment or Replace Your SIEM with the CrowdStrike Falcon Platform

In Part 1 of our SIEM blog series, we discussed the state of SIEMs today and how CrowdStrike Falcon® LogScale solves five key SIEM use cases while improving security outcomes and cost savings compared to traditional SIEMs. Our conversations with customers have made it clear: SIEM requirements don’t stop at the five use cases covered in that blog. Modern SIEM systems extend beyond log management to deliver full threat detection, investigation and response.

Identify Gaps and Thwart Attacks with Devo Exchange and the MITRE ATT&CK Framework

The MITRE ATT&CKⓇ framework holds immense value in the realm of cybersecurity. With its comprehensive and structured approach, it serves as a powerful tool for understanding and countering complex, multi-vector cyber threats.

Centralized Log Management for ANSSI and CIIP Framework Compliance

Decree No. 2009-834 established ANSSI (Agence nationale de la sécurité des systèmes d’information) as the National Cybersecurity Agency of France in 2009. In 2013, Article 22 of the Military Programming Law defined ANSSI’s functions and responsibilities, giving the agency regulatory and enforcement powers. Further, ANSSI is France’s primary point of contact with the larger European Union (EU) Network and Information Systems (NIS) Directive, with Decree No.

5 Telltale Signs You're Running a Cloud-Hosted - Not a Cloud-Native - SIEM

The necessity of a SIEM for organizations and their security teams has evolved dramatically over time. It has gone from edge use cases and compliance to the current preferred form of threat detection, hunting, and incident response. As the use cases have changed, so has the architecture. As a result, organizations that have been running their SIEM on-premises are now looking for modern architectures to reduce the workload on their analysts. The simple choice: SaaS, of course.

Are Your Threat Hunters Too Distracted?

Threat hunters are some of the most specialized and experienced workers in the SOC. They are incredibly valuable to the organization, but as the 2023 SANS Threat Hunting Survey finds, they’re continually being asked to multi-task and take on other duties. And that’s taking away from their primary job of hunting for threats. How can we change this status quo and help threat hunters (and the organizations they work for) be successful? That’s the million-dollar question.

Privacy Risk Management Across the Data Lifecycle

As a kid, keeping a secret meant not telling anyone else information that a friend chose to share with you and trusted you to protect. In the digital era, protecting customer and employee sensitive data works similarly. Although establishing privacy controls and maintaining data protection are more difficult when managing complex IT environments, the principles underlying your data protection initiatives remain the same.

How does Elastic Security drive value to your organization?

Introducing the new Elastic Security Value Calculator. With this tool, you can quickly quantify the financial efficiencies Elastic® can deliver for your organization. Estimate Elastic's value to your organization. Visualize how Elastic Security improves KPIs around risk, costs, and productivity. The numbers tell the story: achieving holistic visibility reduces risk, improves productivity, and drives cost savings and revenue recovery.

A Guide to Digital Forensics and Incident Response (DFIR)

When you engage in a security incident investigation, you need to quickly sift through vast quantities of data. In that moment, tracking your attacker, containing the attack, and identifying the root cause are the activities that matter most. However, in an attack’s aftermath, the digital recovery process and post-incident paperwork becomes your new nightmare.

Responding to remote service appliance vulnerabilities with Sumo Logic

For those responsible directly or indirectly for the cyber defense of their organizations, June 2023 is proving to be an extremely challenging month. In this month alone, vulnerabilities were discovered in various appliances, ranging from CVE-2023-27997 impacting FortiGate devices to CVE-2023-35708 impacting MOVEit Transfer software as well as the exploitation activity discovered of Barracuda appliances via CVE-2023-2868.