Microsoft Entra ID Primary Refresh Tokens (PRTs) are an attractive target for threat actors because they are long-lived, they are broadly scoped and they often don’t have additional multifactor authentication requirements after they are obtained. In this blog, we will discuss what PRTs are, how they are issued and how recently released research gives threat actors a new way … [Read more...] about Detecting Microsoft Entra ID Primary Refresh Token Abuse with Next-Gen SIEM
CrowdStrike Falcon Next-Gen SIEM Top 10 FAQs
CrowdStrike Falcon® Next-Gen SIEM enhances security operations by integrating data, AI, workflow automation and threat intelligence into a single platform with a unified console and a lightweight endpoint agent. We continue to innovate in next-gen SIEM to power SOC operations, most recently with a series of product updates announced at Fal.Con 2024. But we’re not stopping …
Fal.Con 2024 – Redefining SecOps with Next-Gen SIEM
Are your legacy technologies slowing down your security operations? You’re not alone. Seventy percent of critical incidents take over 12 hours to resolve. Legacy SIEMs burden security teams with endless manual processes and agonizingly slow search speeds, delaying investigation and response while increasing the risk of a breach. The future of security requires next-gen SIEM …
Iceberg ahead: Why your legacy SIEM is a sinking ship
There’s a prevailing attitude among many organizations that can be summed up as follows: “We have already invested so much, and I'm not currently aware of any problems, so rather than take a proactive approach to improve, I’m going to wait until a compelling event happens to make a change.” This mindset is rooted in the amount of effort and resources already invested to "make it …
Elastic 8.15: Enhanced semantic search and new SIEM data import
The 8.15 release contains a significant number of features, including more tools to fine tune relevance, additional model flexibility, and vector search improvements as well as advances in AI-driven security analytics to modernize onboarding of custom SIEM data in minutes. Following the donation of the Elastic Common Schema (ECS) and Universal Profiling to the OpenTelemetry …
Elastic accelerates SIEM data onboarding with Automatic Import powered by Search AI
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all. In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any …
Unlock Advanced Security Automation for Next-Gen SIEM
According to the CrowdStrike 2024 Global Threat Report, the fastest recorded eCrime breakout time was just 2 minutes and 7 seconds in 2023. This underscores the need to equip security analysts with modern tools that level the playing field and enable them to work more efficiently and effectively. Today’s analysts require a new generation of security information and event …
Harnessing Email Data to Stop Phishing Attacks with Falcon Next-Gen SIEM
Phishing is a formidable and financially devastating threat, costing organizations $4.76 million USD per breach on average. With a simple, deceptive email, adversaries can masquerade as trusted entities, tricking even savvy individuals into handing over their credentials and other sensitive information. Whether it’s a duplicitous link or a crafty call to action, phishing …
Stop Phishing with Next-Gen SIEM and SOAR
Phishing is the weapon of choice for many adversaries. And it’s easy to understand why: Users fall victim to attacks in under 60 seconds on average, novice cybercriminals can launch effective phishing campaigns thanks to off-the-shelf phishing kits and generative AI, and above all, it works — 71% of organizations reported at least one successful attack in 2023. To defend …
Building a next-gen SOC at Pinewood, a leading MSSP, underpinned by Elastic SIEM
As an MSSP, Pinewood faces a high volume and variety of cyber threats from different customers on a daily basis. It’s essential that our clients’ applications, networks, and systems are secure and resilient — as well as our own. We also need to fulfill various functionalities like scalability, multi-tenancy, enhanced reporting, reduced false-positives, and an easy to use …