TIPS AND TRICKS

Flipping the SIEM Value Equation

If you operate a SIEM, you probably deeply sympathize with what I’m about to say. SIEMs are overpriced. More accurately, SIEMs are overpriced compared to the value they actually provide to their customers. Not only are these systems responsible for draining security budgets, they aren’t effective in helping customers to effectively manage security incidents. The Economics of SIEMs (and Razors): All legacy SIEMs have at least one thing in common, some form of data[…]

Topics: SECURITY, SIEM, TIPS AND TRICKS

Calculating Security ROI, or "Halloween’s Over, So Why is my Vendor Trying to Scare Me?"

Certain technology categories lend themselves well to ROI analysis. Want to replace your old storage array with a new flash array, or your old backup technology with something new? It’s probably not too difficult to work out the payback numbers. Security, on the other hand, has been more resistant to clear ROI analysis. Vendors either give out scary per-company breach averages from Ponemon, or build some other detection-based cost-benefit number. Over time, CISOs and their[…]

Topics: CUSTOMERS, SECURITY, TIPS AND TRICKS, Uncategorized

No SIEM? No Problem!

What kinds of imagery are conjured up when you think about a Security Operations Center (SOC)? Perhaps a militaristic setting straight out of the movie War Games, but with upgraded tech? Or maybe a dark room with a few scruffy security analysts staring at a wall full of large monitors while they frantically hammer away on their keyboards? Possibly you’re envisioning a single security engineer wearing a nerdy T-shirt hidden away somewhere in the bustle[…]

Topics: SECURITY, TIPS AND TRICKS

Data Science And Stateful User Tracking: The Two Key UBA Enablers

A big topic at recent security conferences has been the use of user behavior analytics (UBA) to assess cyber security risk. This approach is enabled by the recent application of data science and data modeling. However, any data science has to be supported by a platform designed from the ground up to enable this effort. In this blog, I’ll share thoughts on the areas where data science is most effective for UBA, and how data[…]

Topics: LIFE AT EXABEAM, SECURITY, TIPS AND TRICKS

Dyer Malware Updated to Defeat Malware Sandboxing Solutions

Is this the beginning of the end of effectiveness for malware sandboxing solutions? Many organizations have invested heavily in malware sandboxing solutions as a way to detect malware that gets past anti-virus products. For many, this is the most advanced weapon they have for detecting and preventing a data breach. Yet, it now seems evident that enough organizations have these in place for attackers to have noticed and taken a few steps of their own.[…]

Topics: SECURITY, TIPS AND TRICKS

Passing the Hash Like It's 1999!

I wanted to start this post with a recap about the history of Pass-the-Hash (PTH) attacks and how they were a major threat, yet no longer are today. I really did. In the last few weeks, I have been modeling behaviors of users in NTLM-rich environments, only to learn that Pass-the-Hash still goes undetected after all those years. Further, NTLM is here to stay, at least for a while longer. Having said that, with user[…]

Topics: LIFE AT EXABEAM, SECURITY, TIPS AND TRICKS

Exabeam: Get User Behavior Intelligence in 2015

EXABEAM IS AVAILABLE! For every company, the first general availability (GA) release – Exabeam version 1.6 in our case – is a major milestone. The software is enterprise-ready, scales to monitor over 150,000 users with a single appliance, and it just plain works out-of-the-box. Exabeam enables organizations to realize the promise of their existing security information and event management (SIEM) deployments by applying user behavior intelligence to identify the attacker who evades detection from initial point-of-compromise[…]

Topics: CUSTOMERS, SECURITY, TIPS AND TRICKS
2017