Important: Icinga2 security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the icinga2 packages is now available for NetEye 4. Security Fix for NetEye 4.44 CVEs The CVEs include three different vulnerabilities: an Information Disclosure, a Denial of Service and a Limited Privilege Escalation. For a detailed…
Read MoreSuppose you’re using lots of maps to make the navigation of your IT infrastructure more user friendly for your (management) user who’s not at all technically minded. That person wants to see the IT status of their systems in graphical form, but there’s a problem in that the IT assets change over time, and it…
Read MoreAround this time last year, I wrote a blog post about improving cybersecurity with Elastic Defend. Now, one year later, we’ve gained a lot of practical experience with it, which I’d like to share. Elastic Defend is an EDR (Endpoint Detection and Response). Unlike a traditional antivirus solution that relies on signature patterns that need…
Read More
During the NetEye Conference 2025, I discussed several analysis use cases where integrating threat intelligence information can help build a useful framework for further alert analysis. Below, I’ll share a possible analysis approach for each use case. Case 1 – Alert about scan attempts from an AWS IP SOC Analyst’s decision: “Ouch, this IP is…
Read MoreDuring one of my last sessions with a customer I had to deal with a very particular use case, where I couldn’t use the solution presented in my previous blog post (https://www.neteye-blog.com/2025/08/massive-update-of-the-icinga-custom_var-host-services/). In this new scenario, the customer wanted to clean up a custom_var linked to a service, whose value, inherited from the host, had…
Read MoreImportant: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elasticsearch and kibana packages is now available for NetEye 4. Security Fix for NetEye 4.44 CVEs The CVEs include three XSS vulnerabilities and two Broken Access Control vulnerabilities. For a detailed overview of the…
Read MoreEffective Vulnerability Management doesn’t end with detection, it ends with action. And to take the right action, you need clear, accurate, and timely reports. In today’s fast-moving threat landscape, reporting is not just a formality, it’s a critical bridge between scan data and strategic security decisions. This article explores the role of reporting within the…
Read MoreIntroduction In modern SOC environments, detection rules are the cornerstone of identifying malicious activity. However, the effectiveness of a rule depends not only on what it looks for but also on how precisely it defines suspicious behavior. Many analysts have experienced the pain of rules that are “noisy” – generating countless false positives (FPs) that…
Read MoreInsights into how project managers perceive AI reshaping the project management. At the Threshold of a New Project Management Era Over a decade ago, when I first read about how AI could reshape jobs, my main question was how it would affect the role I held then: Project Manager. Years later, after experimenting with the…
Read MoreWelcome to version 4.44 of our NetEye v4 Unified Monitoring Platform. As you log in, you’ll be greeted by a crisp view of Lago di Braies, where summer’s warmth yields to autumn. The larches are turning brilliant shades of yellow and burnt orange, forming a vivid contrast with the deep green of the pines and…
Read MoreIn NetEye, ‘business processes’ is a module used to model and monitor the business process hierarchy to obtain a high-level view of the status of critical applications. In short, they allow monitoring controls of individual components to be aggregated into a single screen, creating customized dashboards and generating notifications at the process level, rather than…
Read MoreIf you’ve worked with Elastic APM, you’re probably familiar with the APM Server: a component that collects telemetry data from APM Agents deployed across your infrastructure. But what happens when you need to segregate that data by tenant, especially in complex network zones? Let’s walk through a real-world scenario and how we tackled it. The…
Read More
Will AI really change the Service Desk? Anyone who works in an IT office knows this: between tickets, locked accounts, and last-minute requests, the service desk is the invisible heart of the company.Lately, though, everyone’s talking about one thing: artificial intelligence. And the question is always the same:How much will it really change the way…
Read MoreA modern web app isn’t one single big monolith: it’s made of quite a lot of pieces! For instance, we relied on a setup such as this one for a recent one we are developing: That’s a lot of moving parts. You could glue them together with scripts, sticky notes, and caffeine… but then most…
Read MoreAs our company’s NetEye cloud solution NetEye.cloud expands, we’re deploying compute nodes not only in our own data centers but, on customer premises across the globe – connected through satellite links. This hybrid, geo-distributed model creates a very tough challenge: How can we manage configuration across hundreds of remote machines reliably, and at scale? Why…
Read More