Blog Entries

03. 09. 2019 Massimo Giaimo Information Security Operations Center, NetEye, Security

NetEye SIEM: The Attacker’s Point of View

In our ethical hacking activities there are three different phases in which we clash with the themes of SIEM: PLANNING – The phase prior to the activity where we define the scope of engagement, be it for a Vulnerability Assessment, a Penetration Test or simulating a real attack CHALLENGE – The activity, corresponding to Vulnerability…

Read More
25. 03. 2019 Oreste Attanasio Information Security Operations Center, Log Auditing, Microsoft Management, NetEye

Safed improvements since 1.10.1

The Safed agent keeps track of the events it receives from the Eventlog by keeping the LastEventID in registry. At start time the agent tries to retrieve all events from Windows Eventlog since starting from the LastEventID. When the amount of events since LastEventID is too large or the LastEventID has been removed from the…

Read More
07. 02. 2019 MarinovMihail Information Security Operations Center, NetEye

Secure Connections for the Safed Agent

The Safed agent can be configured via https and send its collected logs to the log collector though a TLS connection. The latest released version – 1.9.1 – supports TLS 1.2 (at a minimum) and TLS 1.3. The first step is to upload the private key, the local certificate and the CA certificate to the…

Read More
19. 09. 2017 Massimo Giaimo Information Security Operations Center, NetEye

Do you want to prevent cyber-attacks? NetEye and Kibana can help.

IT security is one of the highest priorities for every CIO. Cyber-attacks are now a reality that we must deal with on a daily basis. More and more organizations have been the victims of so-called cybercrimes that are the cause of financial losses, operational problems and consequences to the company’s reputation. That is why trying…

Read More

Archive