Posts Tagged 'SIEM'
It is 3 a.m. and, on one of a company's servers, a piece of malicious code “wakes up” after the security system, having reviewed it, approved its transfer out of the quarantine area to another machine where safe files are handled. The next morning, the systems staff discover the […]
In a number of recently publicized breaches, and probably many other attacks, information that could have enabled the security team to catch and contain the attack was lost in the sheer volume of alerts. Your security team is getting alerts from internal sensors, threat intelligence from multiple sources, and potential indicators of attack or compromise […]
Fighting advanced threats with real-time SIEM
In a recent study by Evalueserve for Intel Security, only 24% of companies surveyed were confident of their ability to detect an attack within minutes of it starting, and just under half said it would take days, weeks, or even months before they noticed. That is plenty of time for […]
In our previous blog, we covered how customizing SIEM for threat management requires both resources and expertise. As a result, Intel Security created “ready to go” content packs based on Gartner’s top use cases, targeting aspiring users who want to expand their SIEM detection and response use cases without spending countless hours and resources on tuning. Over […]
Companies appear to be recognizing the need for increased incident-response spending. Today the SANS Institute released a new incident-response survey that we co-sponsored, with some useful and encouraging findings for practitioners and managers of security operations. There’s quite a bit of good news. At least in part thanks to the increased integration of correlation and […]