Understanding what happened in a security incident and trying to analyze the root cause of an attack is like looking for a needle in a haystack. What would you do if you were faced with a security incident in your …
Protecting against Petya and other ransomware
As a security professional, which do you fear more: 1) explaining to your boss or CEO that your enterprise’s files are no longer accessible because they’ve been encrypted or 2) bungee jumping? I bet you and …
Log management and SIEM fundamentals: Comprehensive log collection and auditing
The first step in SIEM is collecting log data. Log data, as we saw in part 1, is what drives any SIEM solution. A SIEM solution should be able to process, in real time, large …
Log management and SIEM fundamentals: Getting started
Cyber attacks and network breaches can bring even the largest organizations to their knees. Recently, of course, we had the WannaCry ransomware attack, which not only highlighted the dire consequences of security vulnerabilities, but also reiterated the need …
Why privilege misuse is still a serious security risk for enterprises
The tenth installment of Verizon’s annual Data Breach Investigations Report (DBIR) came out in April, 2017. The DBIR does a lot for the public by providing a detailed analysis of security incidents and data breaches around the world. …
Brace yourself. GDPR is on the way.
Are you ready for May 25th, 2018?
A little less than a year from now, the European Union will implement the General Data Protection Regulation (GDPR) on May 25th, 2018. This regulation outlines how organizations — both commercial…
Will you survive the certificate war between Google and Symantec?
Google recently accused Symantec, one of the most prominent Certificate Authorities (CAs), of violating the trust internet users place in encrypted web communication. In his post in Google Groups on March 23, 2017, Google engineer Ryan Sleevi alleged that Symantec
…Kick-starting our free, online Log360 and ADAudit Plus workshop series
Security administrators are obviously concerned about external security threats, but did you know that internal threats can be just as dangerous? Sure you’ve got a bunch of things to audit—Windows workstations, servers, Unix machines, network devices, web servers, databases, other …
Could adding devices for log collection be any easier?
In December, we released EventLog Analyzer 11.3, which automatically discovers Windows devices from Active Directory and workgroups. This greatly simplifies the process of configuring Windows devices for log collection.
In our release last month, we built on this idea …