Cyber Defense/Game Strategy Analogy
If you are playing a team sport you can be fantastic at a single area, but still lose. For example, if you have great goal scorers and a...
Why is Email Analysis needed? Phishing emails persist as one of the primary attack vectors targeting organizations. The Mitre ATT&CK...
SOCs typically revolve around watching/monitoring the Security Information & Event Management (SIEM) system as a single pane of glass for...
The default logging for Linux systems is syslog. Syslog was developed in the 1980s by Eric Allman, who developed the sendmail protocol. ...
SOC Triad reference. Windows systems have been equipped with a robust logging system consisting of three main constructs:...
Data Centers are warehouse-like buildings that seem to be under construction all over the place. Data Centers house servers. Two of the...
The importance of Scanner Location & Continuous Vulnerability Monitoring: In vulnerability scanning, it's a fundamental requirement for...
FortiSIEM has 4 main components: Collectors, Workers, Supervisor, and Backend Log DB. Events come from the log sources into the collectors. The...
This blog post is going to discuss several aspects of the performance of your cyber security logging system. The logs need to be stored...
Implementing and running effective security logging systems is a complex task that takes a lot of work and money. For the most part...
Understanding SIEM Licensing: There are several common SIEM licensing models, including Events Per Second (EPS), Gigabytes per day (GBpd)...
A primary challenge in centralized log collection lies in the intricacy of transporting logs from their source to the backend logging...
Centralizing log collection within a Security Information and Event Management (SIEM) system is a crucial component of information...
There is a cliché business saying that the success of an information technology goal, business, function, etc. comes down to...
Name the phases of the "Intelligence Cycle". Identify the level of indicators in the Pyramid of Pain. Identify the aspects of the Diamond...
Here are some key points to consider about CTI reports: The availability of CTI reports is on the rise, and their quality is improving....
Zeek (formerly known as Bro) is an open-source project conceived by Vern Paxson. Its roots trace back to its original incarnation as...
I recently finished the Champlain College Masters of Digital Forensics program. I have a background in telecommunications and networking...
The Cuckoo's Egg - Cliff Stoll The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage Paperback, 2005 (Audio available)...
Measuring and Managing Information Risk: A FAIR Approach - Jack Freund and Jack Jones Measuring and Managing Information Risk: A FAIR...