Extracting Actionable Information from Windows Events

Within your corporate network, Windows event logs are a primary source of information that is critical to understanding user behavior and emerging security threats. But examining events individually does not provide the comprehensive picture that lets you see unusual or suspicious behaviors. Part of the problem is that there are a lot of events—more than 1600. You need to know which ones are important and which ones can be safely ignored. Another part of the[…]

Topics: SECURITY, SIEM, TIPS AND TRICKS

No SIEM? No Problem!

What kinds of imagery are conjured up when you think about a Security Operations Center (SOC)? Perhaps a militaristic setting straight out of the movie War Games, but with upgraded tech? Or maybe a dark room with a few scruffy security analysts staring at a wall full of large monitors while they frantically hammer away on their keyboards? Possibly you’re envisioning a single security engineer wearing a nerdy T-shirt hidden away somewhere in the bustle[…]

Topics: SECURITY, TIPS AND TRICKS

Beyond Detection and Response: Hidden Benefits of Exabeam

When I ask our prospective customers why they are interested in UBA and Exabeam specifically, most have a common answer: they are looking to cash in on the promise of deriving usable intelligence out of the vast amounts of data they have spent time and money collecting. Organizations want increased visibility into the activities of users on their network to detect modern attacks and respond quickly. Solving these problems is at the center of what[…]

Topics: benefits, CUSTOMERS
2017