SIEM

Solving for Exponential Data Growth in Next-Gen SIEM

Feb 19, 2025 by iHash Leave a Comment

Do you ever feel overwhelmed by the number of data sources you manage with your SIEM? How do you piece together different pieces of the puzzle like SOAR, threat intelligence, and security tools for endpoint, cloud, or identity? Do you actually know which tools are strengthening your security posture, and which are just adding more complexity? In this post, we share the … [Read more...] about Solving for Exponential Data Growth in Next-Gen SIEM

Detect Data Exfiltration with Falcon Next-Gen SIEM

Feb 14, 2025 by iHash Leave a Comment

Sensitive data theft is among adversaries’ most common goals. For defenders, data exfiltration can lead to the compromise of customer data, public exposure of trade secrets, and potentially permanent business and reputational damage. Victims of data exfiltration may also face legal issues for non-compliance with data protection laws. This must be a top concern for … [Read more...] about Detect Data Exfiltration with Falcon Next-Gen SIEM

Leveraging CrowdStrike Falcon Next-Gen SIEM Against Attacks Targeting Okta

Jan 22, 2025 by iHash Leave a Comment

Detecting MFA Fatigue The following rule looks for instances where multiple MFA push notifications are sent to a given user and identifies scenarios where multiple failed push notifications are sent and a successful push notification followed. Note that when a push notification is sent, it’s also transmitted to each registered device, which may result in a slightly skewed … [Read more...] about Leveraging CrowdStrike Falcon Next-Gen SIEM Against Attacks Targeting Okta

Falcon Next-Gen SIEM and Cribl Reshape the SIEM Journey

Nov 22, 2024 by iHash Leave a Comment

CrowdStream enables SOCs to streamline data flows, prioritize high-value sources and reduce complexity so teams can focus on their most important tasks. By simplifying data management and empowering faster detection, our partnership offers a scalable, resilient solution that helps SOCs achieve security outcomes that meet today’s demands and tomorrow’s challenges. With … [Read more...] about Falcon Next-Gen SIEM and Cribl Reshape the SIEM Journey

Detecting Microsoft Entra ID Primary Refresh Token Abuse with Next-Gen SIEM

Oct 24, 2024 by iHash Leave a Comment

Microsoft Entra ID Primary Refresh Tokens (PRTs) are an attractive target for threat actors because they are long-lived, they are broadly scoped and they often don’t have additional multifactor authentication requirements after they are obtained. In this blog, we will discuss what PRTs are, how they are issued and how recently released research gives threat attackers a new way … [Read more...] about Detecting Microsoft Entra ID Primary Refresh Token Abuse with Next-Gen SIEM

CrowdStrike Falcon Next-Gen SIEM Top 10 FAQs

Oct 23, 2024 by iHash Leave a Comment

CrowdStrike Falcon® Next-Gen SIEM enhances security operations by integrating data, AI, workflow automation and threat intelligence into a single platform with a unified console and a lightweight endpoint agent. We continue to innovate in next-gen SIEM to power SOC operations, most recently with a series of product updates announced at Fal.Con 2024. But we’re not stopping … [Read more...] about CrowdStrike Falcon Next-Gen SIEM Top 10 FAQs

Fal.Con 2024 – Redefining SecOps with Next-Gen SIEM

Sep 21, 2024 by iHash Leave a Comment

Are your legacy technologies slowing down your security operations? You’re not alone. Seventy percent of critical incidents take over 12 hours to resolve. Legacy SIEMs burden security teams with endless manual processes and agonizingly slow search speeds, delaying investigation and response while increasing the risk of a breach. The future of security requires next-gen SIEM … [Read more...] about Fal.Con 2024 – Redefining SecOps with Next-Gen SIEM

Iceberg ahead: Why your legacy SIEM is a sinking ship

Sep 4, 2024 by iHash Leave a Comment

There’s a prevailing attitude among many organizations that can be summed up as follows:“We have already invested so much, and I'm not currently aware of any problems, so rather than take a proactive approach to improve, I’m going to wait until a compelling event happens to make a change.”This mindset is rooted in the amount of effort and resources already invested to "make it … [Read more...] about Iceberg ahead: Why your legacy SIEM is a sinking ship

Elastic 8.15: Enhanced semantic search and new SIEM data import

Aug 9, 2024 by iHash Leave a Comment

The 8.15 release contains a significant number of features, including more tools to fine tune relevance, additional model flexibility, and vector search improvements as well as advances in AI-driven security analytics to modernize onboarding of custom SIEM data in minutes. Following the donation of the Elastic Common Schema (ECS) and Universal Profiling to the OpenTelemetry … [Read more...] about Elastic 8.15: Enhanced semantic search and new SIEM data import

Elastic accelerates SIEM data onboarding with Automatic Import powered by Search AI

Aug 7, 2024 by iHash Leave a Comment

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any … [Read more...] about Elastic accelerates SIEM data onboarding with Automatic Import powered by Search AI

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54