Latest News

5 Telltale Signs You're Running a Cloud-Hosted - not a Cloud-Native - SIEM

The necessity of a SIEM for organizations and their security teams has evolved dramatically over time. It has gone from edge use cases and compliance to the current form of threat detection, incident response, and threat hunting. As the use cases have changed, so has the architecture. As a result, organizations that have been quite familiar with running their SIEM on-premises are now looking for modern architectures to reduce the workload on their analysts. The simple choice: SaaS, of course.

Are your credentials safe? Decoding credential phishing attacks

Companies have increasingly allowed bring your own device (BYOD) policies to support remote work, but in today’s cybersecurity landscape, this trend has led to an increased attack surface. Each additional endpoint increases the potential for credentials to be compromised through credential phishing attacks. Hackers are leveraging this trend to conduct insider attacks, leaving businesses vulnerable to data breaches.

CTO Talk: From the Sandbox - LogSentinel's Neural Network

Most current SIEM, SOAR, and XDR solutions with integrated deep neural networks focus only on rough correlations that have no causal relationship. As a result, deep learning systems are often tested in real conditions that differ significantly from their learning scenarios, and they often give many false-positive results.

SIEM vs SOAR: Evaluating security tools for the modern SOC

A common question we receive is: should security orchestration, automation and response (SOAR) replace security information and event management (SIEM)? While the two technologies share some common components, they serve different purposes. As security teams look to modernize their security operations center (SOC) to meet the demands of cloud environments, automation is the key priority. To that end, it’s vital to understand the roles of both SIEM and SOAR.

LogSentinel Received an Award for "Most Reliable Vendor of the Year" 2022

22nd June 2022 Balchik, Bulgaria – LogSentinel received an award for “Most reliable vendor of the year” at this year’s biggest cybersecurity conference, hosted in Balchik, and organized by Computer2000, LogSentinel’s official reseller for the CEE area. LogSentinel presented “The Power of XDR, Staying Ahead of the Curve”. In the presentation, prof.

Analytics and Automation in the Autonomous SOC

SOC analysts suffer from alert fatigue caused by too many data sources and platforms, too little context in investigations, too few people, and too little time. Mature cybersecurity teams manage this challenge by leveraging an integrated set of data analytics capabilities from best-of-breed solutions to establish an end-to-end experience — from data collection to response.

The three core strengths of USM Anywhere

USM Anywhere is the ideal solution for small and mid-sized businesses that need multiple high-quality security tools in a single, unified package. There’s no reason large, global enterprises should have a monopoly on top cybersecurity technology. Solutions like USM Anywhere give smaller organizations access to security tools that are both effective and affordable.

Panther Labs CEO Jack Naglieri: How to make security operations painless

Today on the Future of Security Operations podcast, Thomas is joined by Jack Naglieri, CEO of Panther Labs, a cloud-native SIEM platform that alleviates the pain of traditional SIEM with detection-as-code, a robust security data lake, and huge scalability with zero-ops.

Follina - CVE-2022-30190

On Monday, May 30th, 2022, Microsoft issued CVE-2022-30190 for a Remote Code Execution vulnerability with the Microsoft Support Diagnostic Tool (MSDT) in Windows: “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application.