
SIEM

Ransomworm: Don’t Cry – Act.

WannaCry

In July last year, we released our research report on the Anatomy of a Ransomware attack in which we looked into both the financial model of ransomware and then detection as it unfolds. Due to the recent WannaCry ransomware craze, we think it’s time to revisit. When we addressed ransomware last year, we made a significant comment about the ever-evolving nature of malicious software. We predicted that in the near future (evidently now) ransomware will move[…]


Topics: data science, ransomware, SECURITY, SIEM, Uncategorized

5 Aspects to Consider When Evaluating SIEM Solutions

Considering SIEM Solutions

The SIEM category is quite mature; all Magic-Quadrant-Leader products are more than a decade old. In fact, the youngest product is 14 years old. When these products were in their prime, design requirements were different: an enterprise-class product might be expected to store 50 TB of logs; correlation rules were considered a major advance over signatures for detection; searches were judged on speed and it was acceptable to require complex search syntax; finally, the hard[…]


Topics: SIEM

Flipping the SIEM Value Equation

If you operate a SIEM, you probably deeply sympathize with what I’m about to say. SIEMs are overpriced. More accurately, SIEMs are overpriced compared to the value they actually provide to their customers. Not only are these systems responsible for draining security budgets, they aren’t effective in helping customers to effectively manage security incidents.

The Economics of SIEMs (and Razors)

All legacy SIEMs have at least one thing in common, some form of data[…]


Topics: SECURITY, SIEM, TIPS AND TRICKS
2017