Information Security Blog

Learn the difference between IPS and IDS, how IPS security can save you time, which attacks it prevents, and get a brief review of top IPS appliances.

2019 promises to be as difficult to predict as every year, so Exabeam spoke to Professor Alan Woodward from the University of Surrey to get his thoughts on the cyber security landscape for the year ahead.

Exabeam’s Cybersecurity History Review: Read about Operation Aurora and the series of cyberattacks in 2010 conducted by the Elderwood Group based in Beijing, China, with ties to the People’s Liberation Army.

2018 was a memorable year for cybersecurity. Millions of people were impacted as we saw more companies hit by megabreaches—from a major hotel chain to a social media platform used by billions. Here are our top 10 blog posts that had the biggest readership and were the most noteworthy.

Learn about UBA technology, and its extension UEBA (User Entity Behavior Analytics), how it works, and which threats it uncovers that no other tool can see.

Learn about the MITRE ATT&CK framework, how it works, why it is an important tool, and why cybersecurity pros should pay attention.

Read about the cloud security strategies of a global engineering firm that employs tens of thousands of people. Reliable data security is not only critical to their business, it is also a primary component of the solutions they provide to their customers. Specifically, it’s essential that this firm protects their network of virtual machines (VMs) in their private cloud.

Security operation center (SOC) managers know their security analysts spend an enormous amount of time sifting through information and alerts across a variety of non-integrated tools, trying to find the data they need to investigate potential threats. Read how Exabeam Threat Intelligence Service directly integrates with your current SIEM for the most up-to-date threat intelligence so your analysts can identify and mitigate new and emerging attacks at no added cost or impact to the customer.

A global clothing manufacturer embraces cloud technology, and is using cloud services for software development and source code version control. It considers its source code to be intellectual property (IP) worthy of protection. Read how they prevent their source code from falling into the wrong hands and how they stop malware and ransomware.

There was the hotel chain, the genealogy site, and the social media platform used by billions. These are just a few of the companies that in 2018 experienced a megabreach, which is the theft of 10 million records or more. With more individual records exposed in the first six months of 2018 than in all of 2017, one could call 2018 “The Year of the Megabreach.” Read how 2018 represents more than a surge in the breach statistics and what social media influencers are predicting for 2019.

When I was preparing to write this blog, I spent time reviewing the 2018 Gartner Magic Quadrant for Security Information and Event Management report, then reviewed my analysis from the 2017 report. A few trends emerged. After reading this year’s report, my conclusions on the SIEM landscape are as follows:
– Threat management is paramount for growth
– Analytics is key
– SIEMs must be end-to-end