Posts Tagged 'SIEM'
Fighting advanced threats with real-time SIEM In a recent study by Evalueserve for Intel Security, only 24% of companies surveyed were confident of their ability to detect an attack within minutes of it starting, and just under half said it would take days, weeks, or even months before they noticed. That is plenty of time for […]
In our previous Blog, we covered how customizing SIEM for threat management requires both resources and expertise. As a result, Intel security created “ready to go” content packs based on Gartner’s Top Use cases. targeting aspiring users to expand their SIEM detection and response use cases without spending countless hours and resources on tuning. Over […]
Companies appear to be recognizing the need for increased incident-response spending. Today the SANS Institute released a new incident-response survey that we co-sponsored, with some useful and encouraging findings for practitioners and managers of security operations. There’s quite a bit of good news. At least in part thanks to the increased integration of correlation and […]
The massive amount of log, event and flow data within the SIEM offers security analysts answers to essential security questions such as “who is accessing critical business systems,” or, more importantly, “was there any anomalous activity before, during or after the connection?” To get all these answers, though, users need to filter, correlate, and view […]
For the fourth year in a row, McAfee landed in the leader’s quadrant of the Magic Quadrant for Security Information and Event Management (SIEM) report, published by Gartner, Inc. The annual report, which came out in late July, evaluates vendors who offer SIEM products on both the ability to execute and completeness of vision. The […]