Best Cybersecurity Practices: SIEM-Log Management

Gartner has a report on the critical capabilities of Security Information and Event Management (SIEM) software from 13 companies: AccelOps, AlienVault, BlackStratus, EMC, EventTracker, HP (ArcSight), IBM Security QRadar, Intel Security, LogRhythm, Micro Focus International (NetIQ), SolarWinds, Splunk, and Trustwave Holdings. Each company was analyzed on several characteristics: real-time monitoring, threat intelligence, …

Hybrid Clouds Not Secure?

Rich Mogull at the Securosis blog (#13 at http://oversitesentry.com/security-news-reviewed/) has a new post, https://securosis.com/blog/hybrid-clouds-an-ugly-reality. The problem? A hybrid cloud is by definition part cloud and part local systems. One can easily imagine the administration problems as files and data have to bridge both environments. The disadvantage is the loss of compartmentalization, i.e. the ability to say the cloud …

Curious about latest Malware or Viruses?

https://isc.sans.edu/ has a good post on how to do some rudimentary malware searches. Specifically, https://isc.sans.edu/forums/diary/Botnets+spreading+Dridex+still+active/20295/ is the post. The image above is the same image from today's isc.sans.edu post; notice how Brad Duncan searched for the Dridex malware sample by its file hash, so if there is a suspected malware sample you are interested in researching, that is a great …
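A hash search like the one in the diary starts with computing the sample's own hashes and comparing them with indicators you already hold. The script below is an added example (not code from the ISC diary or from this blog): it computes MD5, SHA1 and SHA256 of a file in a single streamed pass and checks all three against a constructed indicator list, since threat-intel feeds mix the three algorithms and often upper-case them. The indicator labels, the digests (which are hashes of the strings "abc" and "", not of any real sample) and the temporary file used in the walk-through are assumptions for illustration.

```python
"""Hash a suspected malware sample and look it up against a local indicator list.

Added example, not code from the ISC diary or from oversitesentry.com. The
indicator list is constructed for the example: the labels are invented and the
digests are of the test strings b"abc" and b"", not of any real malware.
"""
import hashlib
import tempfile

ALGORITHMS = ("md5", "sha1", "sha256")
CHUNK = 1 << 20  # hash 1 MiB at a time so large samples need not fit in memory


def hash_bytes(data: bytes) -> dict:
    """Return lowercase hex digests of `data` for every algorithm in ALGORITHMS."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def hash_file(path) -> dict:
    """Same as hash_bytes but streamed from disk; all three digests in one read."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def normalize_indicators(indicators) -> dict:
    """Map indicator digests to labels, accepting any of the three algorithms and any case.

    Feeds mix MD5, SHA1 and SHA256 and frequently upper-case them, so matching is
    done on lowercased hex regardless of which digest was shared.
    """
    table = {}
    for digest, label in indicators:
        digest = digest.strip().lower()
        if len(digest) not in (32, 40, 64) or any(c not in "0123456789abcdef" for c in digest):
            raise ValueError(f"not an MD5/SHA1/SHA256 hex digest: {digest!r}")
        table[digest] = label
    return table


def match_indicators(hashes: dict, table: dict) -> list:
    """Return [(algorithm, label)] for every digest of the sample found in the table."""
    return [(name, table[digest]) for name, digest in hashes.items() if digest in table]


# Constructed indicator list (hypothetical labels; digests of b"abc" and b"").
SAMPLE_INDICATORS = [
    ("BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD", "example-sample-1 (sha256)"),
    ("900150983cd24fb0d6963f7d28e17f72", "example-sample-1 (md5 from a second feed)"),
    ("da39a3ee5e6b4b0d3255bfef95601890afd80709", "empty file (sha1)"),
]

if __name__ == "__main__":
    table = normalize_indicators(SAMPLE_INDICATORS)
    # Stand-in for a downloaded sample: a temporary file holding the bytes "abc".
    with tempfile.NamedTemporaryFile(suffix=".bin", delete=False) as fh:
        fh.write(b"abc")
    digests = hash_file(fh.name)
    for name in ALGORITHMS:
        print(f"{name:7} {digests[name]}")
    for algo, label in match_indicators(digests, table):
        print(f"match on {algo}: {label}")
```

Only the sample's hashes leave your machine when you then paste one of them into a public search, which is why computing all three locally first is worth the extra line: a feed that only lists MD5 still matches a sample you know by SHA256.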