View the latest webcasts, videos, articles, whitepapers, and more.
Step up your threat hunting process without overwhelming your team. See where you sit on the Hunting Maturity Model today, and how to get...
Understanding the costs behind setting up and running a Security Operations Center is important to making informed decisions about how...
As more service providers explore offering a Managed Detection and Response (MDR) solution, they may face indecision or inertia during...
How do you remove blind spots from siloed security tools? What is the difference between Open & Native XDR?
It was great to be back in Chicago for ChannelCon 2022. Thank you to CompTIA for their successful event, with 1,000 attendees and vendor...
What functions are covered by a modern SOC? What do you need for a fully effective SOC? What are your alternatives?
Marketplace changes are inevitable. Rapid shifts to remote work, cloud computing, and digitalization have all led to increased demand and...
The rising level of security threats and public incidents demand new approaches to people, processes, and technology that optimize manual...
Change is the only constant in the IT security space. Here at Netsurion, we strive to empower organizations to take on ever-evolving...
Does the location of the physical SOC matter? How does the location of the security data differ, and why does that matter?
Threat hunting is gaining traction as businesses look for more proactive methods to combat multi-stage ransomware attacks and devious...
What is the difference between log management and SIEM? Why are both relevant and critical to IT security, compliance, and even...
CyberEdge’s 2022 Cyberthreat Defense Report (CDR) has become the standard for assessing organizations’ security posture, for...
Today’s always-on digital businesses and service providers rely on web applications and APIs to fuel growth, run eCommerce sites...
MITRE ATT&CKcon 3.0, the conference dedicated to the ATT&CK community, returned at MITRE headquarters in Virginia last month. As...
The escalating threat landscape is driving the need for a more proactive approach to cybersecurity. While Extended Detection and Response...
As advanced threats continue to morph and escalate, it’s easy to gravitate towards the latest tool or “shiny object” in...
There are three cybersecurity “givens” that small-to-medium-sized businesses (SMBs) often face. One is you are not too small...
Ransomware risk changed dramatically for Managed Security Service Providers (MSSPs) and their clients in 2021. The Kaseya hack used a...
Small-to-medium-sized businesses (SMBs) are continuously seeking ways to safeguard their data and resiliency against persistent criminals...
Software-as-a-Service (SaaS) applications and infrastructure providers like Amazon Web Services (AWS) and Microsoft Azure have become the...
Even though your business may have cybersecurity insurance, it doesn’t mean you can avoid the steps necessary to prevent bad things...
Skyrocketing ransomware threats and extortion demands show no sign of slowing down in 2022. Average ransomware demands surged by 518% in...
You’ve seen it over and over again in the headlines – small subcontractors are often soft-target gateways for hacking large...
Today’s modern attack surface encompasses the network, cloud, endpoints, mobile devices, and applications and is constantly under...
Being “cyber secure” is not for the faint of heart. As part of National Cybersecurity Awareness Month, we are counting down...
Success starts with a well-planned strategic budget. Face the fear…now’s the time to plan for powerful yet practical...
Ransomware has made a resurgence and is impacting both IT service providers and the businesses they serve. What if you had insights into...
Over the last decade we have seen the security technology market constantly splinter into smaller categories as emerging technology and...
A.N. Ananth outlines what happened with the Kaseya VSA ransomware attack, how it compares to the SolarWinds vulnerability, how Netsurion...
No matter what business you are in, it’s likely you view ransomware as one of the top cyber threats today. Adversaries are adapting...
Ransomware is a popular weapon for cyber criminals. Worldwide in 2020, there were 304 million ransomware attacks, a 62% increase from the...
Threat researchers detected threat group NOBELIUM conducting several waves of malicious spear phishing email campaigns. Each wave used...
Incomplete cybersecurity information visibility comes at a cost. Without real-time comprehensive visibility, organizations experience...
A.N. Ananth outlines Extended Detection and Response (XDR), its benefits, and use cases. He covers how Netsurion’s Managed Threat...
As one of the most used application suites, Microsoft (Office) 365 continues to ingrain its applications, products, and data into...
MSSPs need airtight threat detection and rapid, reliable remediation. The optimal way to do this is to ensure you have top-notch MDR...
In today’s Service Provider ecosystem, SOC-as-a-Service (SOCaaS) has become an accepted model for delivering cybersecurity capabilities. ...
Microsoft has detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server. According to...
Customers look to Managed Security Service Providers (MSSPs) as trusted advisors in achieving digital transformation and navigating ever...
Faced with rising cybersecurity concerns, MSPs and mid-sized organizations are maturing their security posture beyond a network...
This past year challenged us in novel ways and with dramatic shifts, but it also provided many lessons. While 2021 will provide new...
To stay secure in the modern connected world, businesses must keep track of all emerging cybersecurity threats, no matter in which form...
Insider threats continue to be on the rise, and are now estimated to comprise 30% of all cyber incidents. While external threats often...
In 2020, we saw digital transformation accelerate along with rising ransomware, threats caused by human error and misconfigurations, and...
Mid-market organizations continue to be challenged by the need for cybersecurity, and the difficulty in finding budget for a full-time IT...
This holiday season will be like no other with the continued use of remote work, greater online sales, third-party sourcing from...
Businesses are always looking for ways to deliver increased value to clients while optimizing efficiency, and this year is no exception...
For far too long, cybersecurity professionals have had to cobble together multiple tech tools and staff augmentation to round out their...
The threat landscape continues to accelerate, with sophisticated attacks becoming more commonplace as ransomware-as-a-service accelerates...
The MITRE ATT&CK™ framework is an ever-expanding knowledge base of known adversarial tactics and techniques that enables cyber defenders...
The rise in ransomware attack volume and sophistication is a wake-up call for executives and IT departments alike. Traditional perimeter...
The cybersecurity industry is notorious for coining terms and acronyms that rise and fall out of favor before they even have a chance to...
The first look at our new endpoint threat prevention capabilities integrated into EventTracker. This strategic partnership deepens...
More than 75% of SMBs would change MSPs if they felt they would receive better protection. Netsurion wants to help you understand the...
Threat actors are increasingly gathering across the dark web to coordinate, plan, and launch attacks, some of which can be exposed via...
As an MSP, your focus should be on developing trust, strategy, and a reliable partnership. MSP margins are becoming slimmer and customers...
Netsurion provides 24/7 coverage and reduces false positives. Our small IT and security staff are too busy to chase after log data...
Business uncertainty has led to widespread adoption of working from home. Since most meaningful tasks in any organization require...
The Netsurion EventTracker SOC became an extension of the BIS team, providing additional resources that they didn’t have previously.
With most employees working from home amid COVID-19 (coronavirus) outbreak, VPN servers have now become paramount to a company's...
More Work-from-Home (WFH) scenarios due to COVID-19 present challenges as employees move from a trusted and secured office network to...
Maintaining strong cybersecurity is crucial as organizations make impromptu decisions to send more and more employees to work from home...
The MITRE ATT&CK® framework is an ever-expanding knowledge base of known adversarial tactics and techniques that enables cyber defenders...
RSA Conference 2020 has come and gone. It still maintains its status as the largest security event in the world, although attendance...
A data breach today takes 127 days to detect, according to the Ponemon Institute. Comprehensive visibility and real-time analysis of...
Following many high-profile data breaches, consumers have elevated data privacy to front-page news and included it as criteria for brand...
Every managed service provider (MSP) is evaluating managed security services to protect their customers and increase revenue. But how...
The holiday season is upon us and Netsurion is here to remind you that cybercrime doesn't take a holiday. View the video for tips to stay...
In 2020, we believe cybersecurity convergence will become the difference maker. It will enable MSPs to deliver effective cyber threat...
Just like locking your front door is crucial to protect your house, monitoring account logins to organizational servers and workstations...
The holidays are a busy time for most business owners as they ramp up to serve consumers excited to find holiday specials, or even as...
We built our security processes around Netsurion’s EventTracker Co-managed security. We want to be proactive versus reactive and...
Trust is everything in the healthcare community. Netsurion’s co-managed SIEM/SOC solution addresses our staff challenges with...
There are many more endpoints than fortified servers in the data center, and they are staffed by non-technical users who present softer...
Threats and threat actors continue to evolve and morph, creating advanced and even more dangerous tactics to mitigate. October is...
The challenge many face is the lack of qualified analysts for in-house SIEM. This is why Co-Managed SIEM is on the rise…it...
The ELK (Elasticsearch, Logstash, Kibana) stack is a popular open source log analysis and management platform. The collection, processing...
While nation-state threat actors and external hackers often garner the headlines, insider threats are an often-overlooked threat vector...
A true story of how one organization was impacted by a data breach. This executive brief shares the true story of an organization, who we...
A financially motivated ransomware gang hit 23 local governments in Texas in a coordinated attack. Ransomware is a type of malicious...
Black Hat 2019 was a learning experience and success for all. All of the hackers, presenters, vendors, and attendees have gone home, but...
At Black Hat 2019, Eric Doerr, GM of the Microsoft Security Response Center, reminded attendees of the interconnectedness of enterprise...
It has grown more challenging to protect patient privacy and secure sensitive data under HIPAA (Health Insurance Portability and...
Netsurion’s EventTracker Essentials solution is the single most important product we’ve launched in our company’s...
Just how much should you be spending on IT Security? It’s a vexing question to answer for many reasons as each situation has their...
MSPs of all sizes are under constant threat from hackers trying to access end-customer systems. The biggest surprise is that most of...
Are you experiencing a shrinking IT budget and a shortage of cybersecurity experts? Building and retaining a 24/7 SOC team in-house is...
Windows 7 is dead in January 2020. Fact is, the battle has shifted to the endpoint because there are more of them in the network, they...
Is your organization still using Windows 7? Microsoft support is coming to a close in a few short months. If you think end-of-support for...
Small and medium-size (SMBs) have been the target of cyber attacks for a while now, however most are still not protecting themselves. Why...
The cybersecurity market is certainly not short on over-hyped tools designed to solve a specific threat vector. But what is an IT team to...
Overwhelmed by the hype from security vendors in overdrive? Notice the innovation and trends and feel like jumping on the bandwagon? It...
The legal world is centered on offering clients protection—and in the current technology environment, that extends to cybersecurity...
Companies try to prevent attackers from getting into their systems with the shotgun approach. They deploy a patchwork of multiple...
Banks have always been a prime target for cybercriminals. With enormous stores of cash and consumer data, and the massive threat of...
As a Managed Service Provider (MSP) offering IT infrastructure and end-user systems, your clients rely on you with their valuable assets,...
View insights on why Managed Service Providers (MSPs) are being targeted by adversaries so you and your end customers don’t fall...
Increasing complexity and frequency of attacks have escalated the need for detection of attacks and incident response. Endpoints are the...
For MSPs serving clients in the healthcare industry, protecting data can be complex. With compliance enforcement like HIPAA , for...
Shrinking opportunity, increased price pressure, difficulty getting meetings with prospects….the list goes on. Join Netsurion and David...
Did you know that Microsoft is a security vendor? No, it’s true. For years, the company was hammered by negative public perception...
Netsurion’s Chief Strategy Officer A.N. Ananth joins Holger Schultze, CEO at Cybersecurity Insiders, outline Security Information and...
Over 7 billion global devices in an always on and continuously connected world create a soft target for today’s attacker. Whether...
Ever heard of Security Information and Event Management (SIEM)? Watch this brief video to learn more about SIEM and why it is an...
Proper cybersecurity includes controls to prevent, detect, and respond to cyber threats. This multi-layer cybersecurity strategy to...
We recently released the findings of the Security Information and Event Management (SIEM) study conducted by Cybersecurity Insights. The...
If you think your organization is too small to be targeted by threat actors, think again. Over 60% of organizations have experienced an...
Protecting a business’ IT infrastructure and data can be difficult with the abundance of threats out there, the array of new data...
Cybercriminals are not using traditional attack methods to invade your systems, so you can't use traditional cybersecurity defense to...
The year 2018 saw ransomware families such as CryptoLocker and variants like Locky continue to plague organizations as cybersecurity...
SIEM (Security Information and Event Management) is foundational along with other technologies. But an integrated combination of platform...
Every business–no matter its size–is a bullseye for cyber criminals. Data breaches cost an average of $3.6 million globally...
For cyber criminals, everyone’s a target. We must assume that, at some point, every organization’s IT infrastructure will be...
In simpler times, security technology approaches were clearly defined and primarily based on prevention with things like firewalls...
A hot trend in the Managed Service Provider (MSP) space is emerging, transforming from an MSP to a Managed Security Service Provider...
Advances in data analytics and increased connectivity have merged to create a powerful platform for change. Today, people, objects, and...
When it comes to selling security, one of the major challenges faced by managed services providers (MSPs) is changing the mind set of...
Ignorance is not bliss. As discussed in the webcast, Data Privacy Compliance in America is changing rapidly. Staying ignorant of the...
Breaches continue to be reported at a dizzying pace. In 2018 alone, a diverse range of companies — including Best Buy, Delta...
Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security...
Implement a Central Collection System Microsoft has made some considerable changes to event management in Windows Vista. But are these...
There are five different ways you can log on in Windows called “logon types.” The Windows Security Log lists the logon type...
With data breaches and Snowden-like information grabs, I’m getting increased requests for how to track data moving to and from...
DNS is an attractive mechanism for performing malicious activities like network reconnaissance, malware downloads, or communication with...
Now that advanced cybersecurity protections are a must-have in today’s landscape, organizations of all sizes are increasingly...
Retail IT service providers are being asked over and over to do more for their customers, and the opportunity for recurring revenue is...
Microsoft 365 is immensely popular across all industry verticals in the small-to-medium-sized business (SMB) space. It is often the...
There’s an old saying: Their bark is worse than their bite. However, this is not the case with the penalties of non-compliance when...
It continues to be challenging being a Chief Information Security Officer (CISO) today – and this year promises no rest. As high...
Our customers are priority #1. They come to us with an expectation and we want to deliver. The challenge is keeping up that level of...
GDPR is the biggest change in 20 years for European data security. All EU-based or multi-national companies must comply, but don’t forget...
The cost of doing nothing can be greater than the cost of protecting your business.
What's the cost of securing your network from a cyber attack? According to Precision Analytics and The CAP Group, many companies are...
To streamline operations, improve service and remain competitive, hotels use computers to handle numerous tasks. While automation...
The technological revolution has introduced a plethora of advanced solutions to help identify and stop intrusions. There is no...
The cybersecurity threat landscape is in constant motion – ever evolving. According to Kaspersky Labs, 323,000 new malware strains...
The FBI estimates that more than 4,000 ransomware attacks have occurred daily since the beginning of 2016. That...
Can you simply buy a “SIEM solution”? Turns out you really cannot, no matter how hard you try nor how passionately the vendor...
Security is an ever-escalating arms race. The good guys have gotten better about monitoring the file system for artifacts of advanced...
The argument is an old one; are you better off with a network-based detector, assuming all hosts will eventually communicate, or should...
We spun up a dummy website to conduct an experiment on website cybersecurity. The results were very interesting. In less than 24 hours...
It doesn't rhyme and it's not what Whittier said but it's true. If you don't log it when it happens, the evidence is gone...
As I reflect on this year, a Shakespearean quote plays out in my mind – when King Henry the Fifth is rallying his troops to attack...
The Emotet virus has crippled Allentown, PA and is expected to cost an estimated $1 million dollars to fix the damage and remove the...
Are you compliant with PCI DSS Version 3.2? Restaurants, retailers, hotels, doctors' and lawyers' offices, and many more, all need to...
The Cisco Annual Cybersecurity Report provides insights based on threat intelligence gathered by Cisco's security experts, combined...
As the threat landscape continues to evolve mere protection, however diligent, is not practical to defend against threats. Adversaries...
In 2005, the Department of Homeland Security commissioned Livermore National Labs to produce a kind of pre-emptive post-mortem report.
Cybersecurity is complex enough as it is. But to compound the issue, merchant businesses in the retail, restaurant, and hospitality space...
It’s no secret that the financial industry is under attack. If we learn by recent examples, we know that technology alone is not enough...
We all hear it over and over again: complying with data protection requirements is expensive. But did you know that the financial...
The word cybersecurity can seem daunting and bring to mind images of costly software and hardware needed to protect your business. But...
Are you compliant with PCI DSS Version 3.2? Restaurants, retailers, hotels, doctors' and lawyers' offices, and many more...
Does this sound familiar? You have no control of your environment and most of your efforts are diverted into understanding what happened,...
The cybersecurity market is loaded with ambiguous buzzwords and competing acronyms that make it very difficult to clearly distinguish one...
Imagine dealing with a silent, but mentally grating barrage of security alerts every day. The security analyst’s dilemma?
South River Electric Membership Corporation, (South River EMC ) is a member-owned electric distribution cooperative that delivers...
When we are attacked, we feel a sense of outrage and the natural tendency is to want to somehow punish the attacker. To do this, you must...
While you’ve been busy defending against ransomware, the bad guys have been scheming about new ways to steal from you. Let’s...
A lot of data, an overwhelming amount actually, is available from hundreds of sources, but rarely is it observed. Having something and...
Interest continues to build around pass-the-hash and related credential artifact attacks, like those made easy by Mimikatz. The main...
The evolution of Security Information and Event Management (SIEM) solutions has made a few key shifts over time. It started as simply...
“You’re in the fight, whether you thought you were or not”, Gen. Mike Hayden, former Director of the CIA and NSA...
As the holidays swiftly approach, many of us are making lists and plans as part of the crescendo of year-end activity. We don’t...
The IT security industry’s skill shortage is a well-worn topic. Survey after survey indicates that a lack of skilled personnel is a...
While the threats have changed over the past decade, the way systems and networks are managed have not. We continue with the same...
The old Haunted Hotel with squeaky wood floors, welcomed all guests who dared enter the front doors. Guests arrived from every nation...
A common dysfunction in many companies is the disconnect between the CISO, who views cybersecurity as an everyday priority, versus top...
Computers do what they are told, whether good or bad. One of the best ways to detect intrusions is to recognize when computers are...
This post got me thinking about a recent conversation I had with the CISO of a financial company. He commented on how quickly his team...
Imagine the lost revenue for a major retailer if they needed to shut down all of their stores for a few days, or even a few hours...
Equifax, one of the big-three US credit bureaus, disclosed a major data breach. It affects 143 million individuals — mostly...
By now it’s accepted that SIEM is a foundational technology for both securing a network from threats as well as demonstrating...
2017 has been a banner year for IT Security. The massive publicity of attacks like WannaCry have focused public attention like never...
Why has ransomware exploded on to the scene in 2017? Because it works.
How much security is enough? That’s a hard question to answer. You could spend $1 or $1M on security and still ask the same...
What can be done to truly protect a business? Go beyond bare-bones security regulatory compliance by implementing security measures to...
While IT security teams identify, hunt, and remove specific variants of the ransomware, there may already be unknown mutated varieties...
Ransomware attack frequency is at its height as there have been more than 4,000 ransomware attacks happening each day for over a year now...
As I write this, yet another ransomware attack is underway. This time it’s called Petya, and it again uses SMB to spread. But here...
A new ransomware variant is sweeping across the globe known as Petya. It is currently having an impact on a wide range of industries and...
With distressing regularity, new breaches continue to make headlines. The biggest companies, the largest institutions both private and...
Is it over? Will it happen again? - How it spreads - What it does - Technical details - What Netsurion, through our SIEM-at-the-Edge...
As the summer travel season quickly approaches, most people envision exchanging work clothes and school books for shorts, flip flops, and...
As the second iteration of the WannaCry ransomware impacting IT infrastructure around the globe is expected, we want to arm our customers...
Shared threat intelligence is an attractive concept. The good guys share experiences about what the bad guys are doing thereby blunting...
I’m a big believer in security analytics and detective controls in general. At least sometimes, bad guys are going to evade...
IT workers in general, but more so IT Security professionals, pride themselves on their technical skills. Keeping abreast of the latest...
Learn why firewalls, anti-virus, and anti-malware alone may not be enough to secure your business from the ever-evolving threat landscape...
So you got hit by a data breach, an all too common occurrence in today’s security environment. Who gets hit? Odds are you will say...
The insider threat is typically much more infrequent than external attacks, but they usually pose a much higher severity of risk for...
Ransomware is about denying you access to your data via encryption. But that denial has to be of a great enough magnitude create...
Securing medical records is a complex undertaking. Healthcare organizations need an array of security technologies that can be used to...
A good security plan can be overwhelming at first, but with the right knowledge and expertise, it can be simplified and managed. On this...
Defense strategies that focus exclusively on the perimeter and on prevention do not take into account the kill chain life cycle approach;...
We believe that every business should have the means to protect themselves and their customers from cyberattacks, and the PCI Security...
‘Twas the night before Christmas and all through HQ Not a creature was stirring, except greedy Lou – An insider thief who had...
Regulatory compliance is a necessary step for IT leaders, but it’s not sufficient enough to reduce residual IT security...
Log collection, SIEM and security monitoring are the journey not the destination. Unfortunately, the destination is often a false...
Are you feverishly working to patch your systems today with the latest available patches? Or are you spending your time unfriending...
We have been implementing Security Information and Event Management (SIEM) solutions for more than 10 years. We serve hundreds of active...
We are delighted that EventTracker is now part of the Netsurion family. On October 13, 2016 we announced our merger with managed security...
How do you figure out when someone was actually logged onto their PC? The data is there in the security log, but it’s so much...
The presidential debate, as entertaining as it was for many, was a great place to hear about the focus needed on cybersecurity issues in...
Persistent threats affecting businesses of all sizes and in all verticals are becoming more consistent and hitting more frequently. The...
PCI compliance: that daunting phrase you always hear in the world of payments…but never truly...
A common hacking method is to steal information by first gaining lower-level access to your network. This can happen in a variety of ways...
Cyber criminals are constantly developing increasingly sophisticated and dangerous malware programs. Statistics for the first quarter of...
The event, aimed at connecting the point-of-sale (POS) technology ecosystem, was extremely successful...
Windows gives you several ways to control which computers can be logged onto with a given account. Leveraging these features is a...
When business owners start looking at Point-of-Sale (POS) systems, they may feel overwhelmed at the...
We know how tempting those summer sales are! But are you being careful on where you are swiping your card?
Ideas to Retire is a TechTank series of blog posts that identify outdated practices in public sector IT management and suggest new ideas...
There’s a wealth of intelligence available in your DNS logs that can help you detect persistent threats. So how can you use them to...
In this fifth article of the series, we continue to explore the basic ways businesses can keep their networks safer. These include tools...
Analytics is an essential component of a modern SIEM solution. The ability to crunch large volumes of log and security data in order to...
We have gathered what have been common comments that we hear from business owners. And today, we would like to bust these myths!
Detecting virus signatures is so last year. Creating a virus with a unique signature or hash is quite literally child’s play, and...
In a recent webinar, we demonstrated techniques by which EventTracker monitors DNS logs to uncover attempts by malware to communicate...
In this entry we discuss the topic of anti-virus protection. There are many questions that come up when we talk about this topic. So here...
While software that can be installed on your PC and used to remotely connect when you are away from your home office can be very handy...
Far too many SIEM implementations are considered to be catastrophes. Having implemented hundreds of such projects, here are the three...
If you are not keeping up with regular patching of your computer and the programs that run on it – then you are simply asking for...
Ransomware burst onto the scene with high profile attacks against hospitals, law firms and other organizations. What is it and how...
2016 Verizon Breach Investigations Report (Part 3 of 3) We've covered the 4 patterns of attack used by hackers, expanded on...
2016 Verizon Breach Investigations Report (Part 2 of 3) In our previous post we showed you that regardless of the business&rsquo...
SC Magazine released the results of a research survey focused on the rising acceptance of SIEM-as-a-Service for the small and medium...
PCI DSS 3.2 is scheduled for release at the end of April. Have you thought about how this update can affect your business? Will you still...
Yet another recent report confirms the obvious, that SMBs in general do not take security seriously enough. The truth is a bit more...
While your business’ data security program should consist of many components, perhaps the most effective defense to ransomware is...
Traditional areas of risk — financial risk, operational risk, geopolitical risk, risk of natural disasters — have been part...
Ransomware is a business’ worst nightmare. This malware infects computers and restricts the users from accessing any of their data...
Do you embrace the matrix? The fact is, once networks get to a certain size, IT organizations begin to specialize and small kingdoms emerge.
Cloud security is getting attention and that’s as it should be. But before you get hung up on techie security details, like...
The range of threats included trojans, worms, trojan downloaders and droppers, exploits and bots (backdoor trojans), among others. When...
I have fond memories of playing a board game called Hungry Hungry Hippos in my younger days. Today’s medical practices mirror the...
While you focus on providing the best health service for your patients, it is easy to under-estimate the risks that you may be putting...
Windows supports the digitally signing of EXEs and other application files so that you can verify the provenance of software before it...
Here’s our list of the Top 5 SIEM complaints:1) We bought a security information and event management (SIEM) system, but it...
Think about the burglar alarm systems that are common in residential neighborhoods. In the eye of the passive observer, an alarm system...
Winning a marathon requires dedication and preparation. Over long periods of time. A sprint requires intense energy but for a short...
It’s understandable that the primary goal of any healthcare practice is to keep their patients healthy and safe. But what about...
Given today’s threat landscape, let’s acknowledge that a breach has either already occurred within our network or that it...
2015 was a tough year for the healthcare industry. Some are even calling 2015 “the year of...
The traditional method for calculating standard Return on Investment (RoI) is that it equals the gain minus the cost, divided by the...
Here we are going to look for Event ID 4740. This is the security event that is logged whenever an account gets locked. “User X...
2015 has been a year of healthcare data breaches. But why are hackers going after healthcare records now?
Many small businesses believe only the "big guys" will suffer a data breach. But did you know that 90% of data breaches impact...
As data breaches occur more and more, it is no secret that the market needs more cybersecurity professionals. Here are a few statistics...
Security Subsistence Syndrome (SSS) is defined as a mindset in an organization that believes it has no security choices and is...
Technology keeps improving, as do hackers. Hackers have been around for years and years; from exploiting the vulnerabilities of telephone...
If attackers can deploy a remote administration tool (RAT) on your network, it makes it so much easier for them. RATs make it luxurious...
Nearly 60% of businesses have experienced a breach in the last two years. Have you ever considered what would happen if your business was...
Users of the EventTracker platform know that one of its primary functions is to apply built-in knowledge to reduce the flood of all...
Merchants know by now that after October 1st the liability for card-present fraud will shift to whichever party is the least EMV...
Passwords keep your accounts and network safe but may also be a gateway for hackers. Here are some quick tips we recommend when creating...
We hear a lot about tracking privileged access today because privileged users like Domain Admins can do a lot of damage. But more...
The number of data breaches continues to increase. Cybercrime affects your brand, your customers and your employees in ways that are...
The CDC estimates that close to 80% of office-based physicians use some form of electronic medical records. This increase, coupled with...
What is the true cost of a data breach? A data breach affects your business, brand, and reputation. But it can be prevented.
For many years now, the security industry has become somewhat reliant on ‘indicators of compromise’ (IoC) to act as clues...
There’s plenty of interest in all kinds of advanced security technologies like threat intelligence, strong/dynamic authentication...
The gap between the ‘time to compromise’ and the ‘time to discover’ is the detection deficit. According to...
In the wake of BackOff, and numerous other data breaches, consumers are demanding answers into the how and why surrounding companies who...
It’s clear that we are now working under the assumption of a breach. The challenge is to find the attacker before they cause damage...
Six ways to shoot yourself with SIEM technology: 1) Dont plan; just jump in 2) Have no defined scope or use cases; whatever 3) Confuse...
A data breach has serious consequences both directly and indirectly. Lost revenue and a tarnished brand reputation both inflict harm...
This fundamental tradeoff between security, usability, and cost is critical. Yes, it is possible to have both security and usability...
It is becoming more and more frequent to read about electronic data breaches in the news these days. Unfortunately, what is not touched...
Is it possible to avoid security breaches? Judging from recent headlines, probably not. Victims range from startups like Kreditech, to...
You may recall that back in 2012, then Secretary of Defense Leon Panetta warned of “a cyber Pearl Harbor; an attack that would...
Sometimes we get hung up on event monitoring and forget about the “I” in SIEM which stands for information. Not forgetting...
There is great interest among security technology and service providers about the intersection of global threat intelligence with...
Bad actors/actions are more and more prevalent on the Internet. Who are they? What are they up to? Are they prowling in your network...
Log monitoring is difficult for many reasons. For one thing there are not many events that unquestionably indicate an intrusion or...
Traditional threat models posit that it is necessary to protect against all attacks. While this may be true for a critical national...
We live in a brave new world where the spies of yesteryear, like James Bond and Jason Bourne, are truly falling away into the realm of...
You must have a heard light bulb jokes, for example: How many optimists does it take to screw in a light bulb? None, they’re...
In computer terminology, a honeypot is a computer system set to detect, deflect, or, in some manner, counteract attempts at...
Security Information and Event Management (SIEM) technology is an essential component in a modern defense-in-depth strategy for IT...
In the wake of Heartbleed, comes a new form of exposure that could potentially do much more damage than any other vulnerability of its...
If you manage any Linux machines, it is essential that you know where the log files are located, and what is contained in them. From a...
Most merchants who have been validating their PCI compliance for a few years now probably know which SAQ type applies to them. In PCI 2.0...
Every now and then hackers develop a piece of malware that is so insidious that it changes the landscape of computer security and...
I often get asked how to audit the deletion of objects in Active Directory. It’s pretty easy to do this with the Windows Security...
Return on investment (ROI) - it is the Achilles heel of IT management. Nobody minds spending money to avoid costs, prevent disasters, and...
Are you familiar with the Kübler-Ross 5 Stages of Grief model? SIEM implementation (and indeed most enterprise software...
Security Information and Event Management (SIEM) is a term coined by Gartner in 2005 to describe technology used to monitor and help...
Analyzing all the login and pre-authentication failures within your organization can be tedious. There are thousands of login failures...
In the wake of their breach, Target announced on March 5, 2014 that their CIO, Beth Jacob was announcing her resignation. This begs the...
Unstructured data access governance is a big compliance concern. Unstructured data is difficult to secure because there’s so...
For the past several months, there have been numerous stories about major retailers that have been breached by hackers. The result is...
The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management...
It was the fall of 2008. A variant of a three year old relatively benign worm began infecting U.S. military networks via thumb drives.
Why should you, as a merchant, comply with the PCI Security Standards? At first glance, especially if you are a smaller organization, it...
Over the years, security admins have repeatedly asked me how to audit file shares in Windows. Until Windows Server 2008, there were...
Every 3 years the Payment Card Industry Data Security Standard (PCI) is updated to a new version. The time for the next release is right...
What security events get logged when a user logs on to their workstation with a domain account and proceeds to run local applications and...
In the aftermath of the disclosure of the NSA program called PRISM by Edward Snowden to a reporter at The Guardian...
In the wake of the most recent terrorist bombing in Boston, it is easy to understand why some people...
One thing I always wished you could do in Windows auditing was mandate that access to an object be audited if the user was NOT a member...
When you think about electronic security, what comes to mind? Do you consider how vulnerable your...
I think one of the most underutilized features of Windows Auditing and the Security Log are Process Tracking events. In Windows 2003/XP...
I often encounter a dangerous misconception about the Windows Security Log: the idea that you only need to monitor domain controller...
The past year has been a hair-raising series of IT security breakdowns and headlining events reaching as high as RSA itself falling...
When we originally conceived the idea of SIEM and log management solution for IT managers many years ago, it was because of the...
There’s been a lot of recent hype about security risks with the rise of virtualization, but much of it is vague and short on...
Intrusion detection and compliance are the focus of log management, SIEM and security logging. But security logs, when managed...
HIPAA Logging HOWTO, Part 2 The Health Insurance Portability and Accountability Act of 1996 (HIPAA) outlines relevant security and...
I am often asked that if Log Management is so important to the modern IT department, then how come more than 80% of the market that...
Despite the fact that security industry has been fighting malicious software – viruses, worms, spyware, bots and other malware...
There is a lot of discussion around Security MSSPs, SaaS (Security as a Service) and Cloud Computing these days. I always felt I had a...
Unfortunately, IT is not perfect; nothing in our world can be. Compounding the inevitable failures and weaknesses in any system designed...
No one needs to be convinced that monitoring Domain Controller security logs is important; member servers are equally as important: most...
An area of audit logging that is often confusing is the difference between two categories in the Windows security log: Account Logon...
Randy Franklin Smith compares methods for detecting malicious activity from logs including monitoring for high impact changes, setting up...
In most previous newsletters, we have discussed the use of logging for various regulatory mandates (such as PCI DSS, HIPAA and FISMA) as...
Preparing the Infrastructure From all the uses for log data across the spectrum of security, compliance, and operations, using logs for...
Time won't give me time: The importance of time synchronization for Log Management
Often when I engage with a prospect their first question is “How many events per second (EPS) can EventTracker handle?&rdquo...
The 5 W’s of security management I’ve seen it happen about a thousand times if I’ve seen it once. A high profile...
The number 1 vulnerability on the OWASP list is cross site scripting or XSS. XSS seems to have replaced SQL injection as the new favorite...
With so much focus on security these days, it’s easy to imagine that IT departments are winning the battle against malware and...
While there is little doubt that SIEM solutions are critical for compliance, security monitoring or IT optimization, it is getting harder...
When outsourcing isn’t an option but SIEM proficiency is beyond the internal staff ’s expertise, a hybrid approach is...
The purpose of this white paper is to identify and demonstrate how to detect five of the most significant security threats. Critical...
Despite the obvious benefits of Log Management and its increasing recognition as a critical necessity by the IT organization, Log...
This paper highlights the major advantages of employing EventTracker to consolidate, correlate, and manage event log data by discussing...
Frustrated by an ever changing and increasingly complex set of security solutions, mid-market organizations – and the IT service...
The benefits of employing virtualization in the corporate data center are compelling - lower operatingcosts, better resource utilization,...
The Department of Defense (DoD) is rolling out the CMMC for DoD contractors this year. This means that before bidding on DoD contracts...
This White Paper discusses how you can take advantage of the power of high capacity USB storage devices like thumb/flash drives without...
Monitoring event logs from workstations provides two important benefits. Firstly, it saves money by adopting a proactive approach to...
With cyberattacks targeting small- to medium- size businesses (SMBs), MSPs are finding themselves at the crossroads.
This technical whitepaper describes the ten most critical security conditions that are not monitored by the Windows Operating System or...
An introduction to collecting important Windows workstation event logs and storing them in a central location for easier searching and...
With companies making painful personnel and compensation choices in this poor economy, one of the impacts has been an explosion in the...
CyberEdge’s 2022 Cyberthreat Defense Report (CDR) has become the standard for assessing organizations’ security posture, for gauging...
Netsurion’s Managed Threat Protection solution provides the necessary synergy between people, process, and technology to truly deliver...
Ransomware continues to be the number one resilience threat. It is now a proven market for cyber criminals, generating millions of...
What size security team do you need to protect against ransomware? What tasks will I need them to perform