Advanced Persistent Threat: these groups are not individual actors. They are mostly organizations or countries (driven by agendas or political reasons) with expert teams. They are not ordinary experts but trained professionals, and they have the potential to break into almost any system and move laterally in...
Types of SOC
SOCs that are internal to the constituency can be categorized into five organizational models according to how the team is composed. 1. Security team. No standing incident detection or response capability exists. In the event of a computer security incident, resources are gathered (usually from within the constituency)...
A short brief about Security Operations Center
What Is a Security Operations Center (SOC)? A SOC is a team primarily composed of security analysts organized to detect, analyze, respond to, report on, and prevent cybersecurity incidents. The practice of defense against unauthorized activity within computer networks, including monitoring,...
Types of logs in Windows

Windows specifically has three types of logs: system, security, and application. Application log: each application has its own log, and entries triggered by errors or warnings are sent to the SOC for review. Security...
SIEM Better Visibility for SOC Analyst

We are in a complex world where attacks are increasing day by day, so today cyber intelligence depends on SIEM (security information and event management) as a part of infosec. Most companies depend on logs and packets...
Top 10 Use Cases for SIEM
With the growing use of SIEM solutions, businesses are keen on solving a number of security and business use cases seen during their day-to-day operations. In this post, we will go through the top 10 use cases with an overview of how you can use a SIEM to detect such behavior in your infrastructure. The...
Critical Controls and SIEM
Critical Control 1: Inventory of Authorized and Unauthorized Devices. SIEM can correlate user activity with user rights and roles to detect violations of least-privilege enforcement, which is required by this control. Critical Control 2: Inventory of Authorized and Unauthorized Software. SIEM should...
How Exactly Would the SIEM Raise an Alert?
Well, now you know that the logs from different devices are being forwarded into the SIEM. Take an example: a port scan is initiated against a specific machine. In such a case, the machine would generate a lot of unusual logs. Analyzing the logs, it will be clear that a number of connection failures...
Security Information/Events Logs

• Log collection is the heart and soul of a SIEM – the more log sources that send logs to the SIEM, the more that can be accomplished with the SIEM. • Logs on their own rarely contain the information needed to understand their contents...
How does a SIEM work?
The one-stop answer is correlation. You may have noticed the word “correlation” given as the answer to how a SIEM works, but of course it is not that alone. Basically, a SIEM tool collects logs from devices present in the organization’s infrastructure. Some solutions also collect NetFlow...
Security Information and Event Management (SIEM)
SIEM software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by network hardware and applications. Vendors sell SIEM as software, as appliances or as managed...
Comparison of Infrared, Radio waves, Microwaves
Columns: Infrared | Radio Waves | Microwaves. 1. Infrared is used for short-range communication like TV remotes, mobile phones, personal computers, etc. In science, infrared is the part of the spectrum that is not visible to the human eye. Radio waves are the type of wireless communication that can travel large...
Types of Wireless Communication Media
We are living in a world where we can connect with friends within seconds no matter how far away they are. But this was not possible in earlier days. We have all heard and read that communication used to be very difficult, as sending a letter could take many days and sometimes months. Today is not a...
Types of Cables used in Wired Communication Media

Twisted pair cable: As the name suggests, these are pairs of insulated copper wires twisted together in such a way that they run in parallel; one wire is used for the transmission of data and the other...