#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

SIEM | Breaking Cybersecurity News | The Hacker News

Category — SIEM
Leveraging Wazuh for Zero Trust security

Leveraging Wazuh for Zero Trust security

Nov 05, 2024 Network Security / Zero Trust
Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security encourages continuous monitoring of every device and user, which ensures sustained protection after successful user authentication. Why companies adopt Zero Trust security Companies adopt Zero Trust security to protect against complex and increasingly sophisticated cyber threats. This addresses the limitations of traditional, perimeter-based security models, which include no east-west traffic security, the implicit trust of insiders, and lack of adequate visibility.  Traditional vs. Zero Trust security Zero Trust security upgrades an organization's security posture by offering: Improved security posture : Organizations can improve their security posture by continuously gathering data on...
Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar

Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar

Sep 26, 2024 Threat Detection / IT Security
Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That's what dealing with security alerts can feel like. SIEM was supposed to make this easier, but somewhere along the way, it became part of the problem. Too many alerts, too much noise, and not enough time to actually stop threats. It's time for a change. It's time to reclaim control. Join Zuri Cortez and Seth Geftic for an insightful webinar as they navigate the complexities of " Solving the SIEM Problem: A Hard Reset on Legacy Solutions ."  They'll share insider knowledge, battle-tested strategies, and a clear path to taming the SIEM beast in this informative session. Here's what we'll cover: SIEM 101: A quick refresher on what SIEM is, why it's important, and the challenges it faces today The Problem with Legacy SIEM: We'll pull back the curtain and reveal why traditional solutions are struggl...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Enhancing Incident Response Readiness with Wazuh

Enhancing Incident Response Readiness with Wazuh

Aug 05, 2024 Threat Detection / Network Security
Incident response is a structured approach to managing and addressing security breaches or cyber-attacks. Security teams must overcome challenges such as timely detection, comprehensive data collection, and coordinated actions to enhance readiness. Improving these areas ensures a swift and effective response, minimizing damage and restoring normal operations quickly. Challenges in incident response Incident response presents several challenges that must be addressed to ensure a swift and effective recovery from cyber attacks. The following section lists some of these challenges. Timeliness : One of the primary challenges in incident response is addressing incidents quickly enough to minimize damage. Delays in response can lead to more compromises and increased recovery costs. Information correlation : Security teams often struggle to effectively collect and correlate relevant data. Without a comprehensive view, understanding the full scope and impact of the incident becomes difficu...
cyber security

The AppSec & R&D Playbook: How to Align Security and Innovation

websiteBackslashApplication Security
AppSec vs. R&D? Bridge the gap with clear steps to streamline workflows and foster collaboration.
True Protection or False Promise? The Ultimate ITDR Shortlisting Guide

True Protection or False Promise? The Ultimate ITDR Shortlisting Guide

Jul 10, 2024 Endpoint Security / Identity Security
It's the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in APT and top cybercrime groups only, to a commodity skill used in almost every ransomware attack. The lateral movement uses compromised credentials for malicious access – a critical blind spot that existing XDR, network, and SIEM solutions fail to block.  Identity Threat Detection and Response (ITDR) has emerged in the last couple of years to close this gap. This article breaks down the top five ITDR capabilities and provides the key questions to ask your ITDR vendor. Only a definitive 'YES' to these questions can ensure that the solution you evaluate can indeed deliver its identity security promise.  Coverage For All Users, Resources, and Access Methods  Why is it important? Par...
4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets

4-Step Approach to Mapping and Securing Your Organization's Most Critical Assets

May 28, 2024 Threat Exposure Management
You're probably familiar with the term "critical assets". These are the technology assets within your company's IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the ramifications to your security posture can be severe.  But is every technology asset considered a critical asset? Moreover, is every technology asset considered a  business -critical asset? How much do we really know about the risks to our  business -critical assets?  Business-critical assets are the underlying technology assets of your business in general – and we all know that technology is just one of the 3 essential pillars needed for a successful business operation. In order to have complete cybersecurity governance, organizations should consider: 1) Technology, 2) Business processes, and 3) Key People. When these 3 pillars come togeth...
SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

May 13, 2024 Threat Detection / SoC / SIEM
In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives  Analysts are overwhelmed with alerts. The knock-on effect of this is that fatigued analysts are at risk of missing key details in incidents, and often conduct time-consuming triaging tasks manually only to end up copying and pasting a generic closing comment into a false positive alert.  It is likely that there will always be false positives. And many would argue that a false positive is better than a false negative. But for proactive actions to be made, we must move closer to the heart of an incident. That requires diving into how analysts conduct the triage and investigation process. SHQ R...
Detecting Windows-based Malware Through Better Visibility

Detecting Windows-based Malware Through Better Visibility

Apr 01, 2024 Malware Detection / Endpoint Security
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national security at risk. But if that wasn't enough – North Korea appears to be  using revenue from cyber attacks to funds its nuclear weapons program . Small and mid-size businesses are increasingly caught in the dragnet of ongoing malware attacks - often due to underfunded IT departments. Exacerbating the problem are complex enterprise security solutions that are often out of reach for many companies - especially when multiple products are seemingly needed to establish a solid defense. Volume-based products that incentivize users to collect less data in order to conserve funds work backward, dampening the anticipated benefits. But what if you could detect many malware attacks holistically with ...
Expert Insights / Articles Videos
Cybersecurity Resources