Active Directory is a popular technology used in many organizations to handle their user management, authentication and authorization. The fact that it’s so dominant and so central to the IT infrastructure makes it a key component for security monitoring. It’s also a popular target for malicious… Read More »Practical Guide For SIEM And Active Directory
CCPA, the recent legal privacy innovation in the US, has introduced a lot of requirements for online businesses. We have previously covered the principle of accountability in both CCPA and GDPR, and how an audit log of all data-related activities as well as handling user… Read More »Three Reasons Why CCPA Compliance May Require SIEM
Google Cloud Platform and Security Monitoring: Google Cloud Platform (GCP) is attracting a lot of companies, large and small, with its stability and many built-in services. But aggregated security monitoring has to be done via an external service. However, log aggregation for security purposes… Read More »SIEM for Google Cloud Platform
TeamViewer is a great utility for remotely helping your relatives or for IT people servicing small businesses. But using it in large organizations, and especially for critical infrastructure, is rather risky, as shown in a recent attempt to poison the water of a city in… Read More »TeamViewer Security Risks And How To Mitigate Them
Why is SIEM Important for Regulatory Compliance? A security information and event management (SIEM) system can improve the security of your business’ computer network with real-time automation, monitoring, logging and event alerts. By leveraging SIEM Software, your security team is able to track events concerning your company’s… Read More »Using SIEM for Regulatory Compliance: Importance, Best Practices, Use Cases
Security information and event management (SIEM) has been “reserved” for large enterprises for a long time and therefore vendors largely ignored smaller customers. “Smaller customers” are medium enterprises and mid-market companies, according to various definitions and brackets, and they range from a hundred to more… Read More »Why Mid-Market Companies and SMEs Benefit From SIEM
Cybersecurity is increasingly becoming a topic for legislators, especially for the public sector, critical infrastructure, healthcare, education, the financial and the insurance sectors. In the US, in addition to several federal laws (HIPAA, HITECH, GLBA, SOX, FISMA, CISA), there are many state-level laws that impose… Read More »US Cybersecurity Laws Overview And How SIEM Can Help
LogSentinel’s vision is to provide a security monitoring solution to any organization that needs it and thus reduce their risk of security breaches. That vision requires many innovations and here we’re sharing our high-level roadmap for the next 2 years. Each part of LogSentinel SIEM… Read More »LogSentinel SIEM Roadmap: From SIEM to a 360-Degree Security Monitoring Platform
The events of 2020 brought us unprecedented challenges that no one was prepared for, changing the way we live, work, and communicate, impacting the global economy, all geographic regions, and every single industry. In such a downturn cybercrime flourishes, especially when organizations move most of… Read More »LogSentinel’s 2020 Year in Review
Many people, when reviewing their security strategy, ask the question “is SIEM suitable for my organization”, or simply “is SIEM right for me?” And for a long time, the answer was “no unless you are a large multinational”. The price, the complexity and the hard-to-get… Read More »Is SIEM Suitable For My Organization?
We have built our LogSentinel SIEM around some core principles and we’d like to share and explain them. Every organization can get value from SIEM: SIEM is considered expensive and complicated and generally not fit for smaller organizations (and “smaller” can mean anything from a… Read More »The Three Pillars of SIEM
SIEMs can help detect different kinds of issues related to information security. Some of these issues are vital to the organization as they affect confidential data, or can even lead to personal data leaks.
Top Reasons Why SIEMs Are Considered Expensive: SIEM (Security Information and Event Management) systems have a reputation for being expensive. And that’s generally correct – they can cost hundreds of thousands per year or have huge upfront costs. But why is that? There are several… Read More »Why Are SIEMs Expensive?
What is a SIEM? SIEM stands for Security information and event management. This technology has existed since the late 1990s. Traditional SIEM has been joined by a broad-use log management technology that focuses on collecting various types of logs and events for different purposes,… Read More »SIEM: What Is SIEM, How It Works, and Useful Resources
The Sarbanes-Oxley Act (SOX) establishes requirements for the integrity of the source data used in financial transactions and reporting. In particular, auditors are looking at regulated data residing in databases connected to enterprise applications. To prove the integrity of financial data, companies must extend… Read More »Using SIEM for Simplifying SOX Compliance
SIEMs (Security information and event management systems) are often considered sufficient for certain compliance needs – they “tick” boxes on numerous standards and regulations and have built-in compliance reports. However, legacy SIEMs don’t always work for the compliance department. While in theory, they support the… Read More »Legacy SIEMs Don’t Work For The Compliance Department
Security Information and Event Management systems are considered a “must-have” in many industries. They are effectively a horizontal security tool that improves security posture and improves visibility regardless of the domain specifics. Or at least it seems so at first. The reality is somewhere in… Read More »Three Industry-Specific Aspects of SIEM
You have probably seen many other SIEM buyer’s guides and realized that they are focused on large multinationals and Fortune 500 companies and you find them hard to relate to. However, the SIEM products are no longer targeted just at large corporations (despite the fact… Read More »SIEM Buyer’s Guide for SMEs
Security Information and Event Management (SIEM) systems are crucial for every organization as they are able to detect malicious acts and even to prevent them. By converting simple audit logs into a very detailed behavior analysis, SIEMs can help in achieving full data protection and… Read More »Free Webinar: SIEM – Benefits and Pitfalls
Logs in the IT context are a piece of evidence, automatically generated and time-stamped when a certain event happens. All information systems produce some kinds of logs. For the security and compliance teams, the most common usage of logs is detecting anomalous activities, validating a… Read More »Log Analytics for Business Process Management
Log Integrity Capabilities of SIEMs: Log integrity and non-repudiation are key properties of audit logs. As SIEMs are usually the way to collect audit logs (among many other things) in large organizations, we have to make sure they give us those properties. We have discussed previously that it’s not… Read More »Log Integrity: How SIEMs Address the Issue and Is It Enough?
Logs are ubiquitous in IT – they are semi-structured pieces of information about the behavior of a system and its users. Many standards, regulations and best practices assume and require the existence of logs. Consequently, many systems collect those logs and make use of them for… Read More »Log Collectors Landscape: SIEM, Log Collectors, UEBA, and Audit Trail
It is for a good reason that “integrity” is one of the three main aspects of information security. Lack of data integrity can be a serious issue in many cases, as we have already discussed in our post “3 Reasons Not to Ignore Data Integrity”.… Read More »Does Your SIEM Guarantee Log Integrity? And Does It Make You Compliant?
You are likely using a log collector – Graylog, Splunk, Loggly, logstash, logz.io, Scalyr, CloudWatch logs, etc. And log collectors are absolutely mandatory for any deployment of more than one machine (though they are very useful even in that case). They collect all your logs… Read More »How LogSentinel SIEM Complements Log Collectors