Blog Entries

10. 10. 2025 Massimo Giaimo SEC4U, Threat Intelligence

NetEye Conference 2025: The Correct Analysis for Some Use Cases

During the NetEye Conference 2025, I discussed several analysis use cases where integrating threat intelligence information can help build a useful framework for further alert analysis. Below, I’ll share a possible analysis approach for each use case. Case 1 – Alert about scan attempts from an AWS IP SOC Analyst’s decision: “Ouch, this IP is…

10. 10. 2025 Attilio Broglio Icinga Web 2, NetEye, Unified Monitoring

Massive Clean-up of the Icinga custom_var (Services)

During one of my last sessions with a customer I had to deal with a very particular use case, where I couldn’t use the solution presented in my previous blog post (https://www.neteye-blog.com/2025/08/massive-update-of-the-icinga-custom_var-host-services/). In this new scenario, the customer wanted to clean up a custom_var linked to a service, whose value, inherited from the host, had…

08. 10. 2025 Damiano Chini Bug Fixes, NetEye

NetEye 4 – Security Advisory (Elastic Stack)

Important: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elasticsearch and kibana packages is now available for NetEye 4. Security Fix for NetEye 4.44 CVEs The CVEs include three XSS vulnerabilities and two Broken Access Control vulnerabilities. For a detailed overview of the…

06. 10. 2025 Beatrice Dall'Omo Red Team, SEC4U

Vulnerability Trends & Metrics: Monthly Company Report

Effective Vulnerability Management doesn’t end with detection, it ends with action. And to take the right action, you need clear, accurate, and timely reports. In today’s fast-moving threat landscape, reporting is not just a formality, it’s a critical bridge between scan data and strategic security decisions. This article explores the role of reporting within the…

03. 10. 2025 Daniel Degasperi Blue Team, Log-SIEM, SEC4U

From Noisy Detections to Precision: Moving from KQL to ESQL in Elastic Security

Introduction In modern SOC environments, detection rules are the cornerstone of identifying malicious activity. However, the effectiveness of a rule depends not only on what it looks for but also on how precisely it defines suspicious behavior. Many analysts have experienced the pain of rules that are “noisy” – generating countless false positives (FPs) that…

01. 10. 2025 Fabrizio Dovesi Atlassian, Service Management

Project Managers Are rAIsing the Bar: Redefining the Rules of the AI Game

Insights into how project managers perceive AI reshaping project management. At the Threshold of a New Project Management Era Over a decade ago, when I first read about how AI could reshape jobs, my main question was how it would affect the role I held then: Project Manager. Years later, after experimenting with the…

01. 10. 2025 Oscar Zambotti Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.44 Release Notes

Welcome to version 4.44 of our NetEye v4 Unified Monitoring Platform. As you log in, you’ll be greeted by a crisp view of Lago di Braies, where summer’s warmth yields to autumn. The larches are turning brilliant shades of yellow and burnt orange, forming a vivid contrast with the deep green of the pines and…

30. 09. 2025 Paolo Seghetti NetEye, Unified Monitoring

Business Process Automation on NetEye

In NetEye, ‘business processes’ is a module used to model and monitor the business process hierarchy to obtain a high-level view of the status of critical applications. In short, they allow monitoring controls of individual components to be aggregated into a single screen, creating customized dashboards and generating notifications at the process level, rather than…

30. 09. 2025 Damiano Chini APM, Development, NetEye, Unified Monitoring

Segregating APM Data in Elastic: A Practical Guide to a Not-So-Obvious Challenge

If you’ve worked with Elastic APM, you’re probably familiar with the APM Server: a component that collects telemetry data from APM Agents deployed across your infrastructure. But what happens when you need to segregate that data by tenant, especially in complex network zones? Let’s walk through a real-world scenario and how we tackled it. The…

30. 09. 2025 Gabriele Cecco AI, Atlassian, Service Management

AI in the Service Desk: Beyond the Percentages

Will AI really change the Service Desk? Anyone who works in an IT office knows this: between tickets, locked accounts, and last-minute requests, the service desk is the invisible heart of the company. Lately, though, everyone’s talking about one thing: artificial intelligence. And the question is always the same: How much will it really change the way…

30. 09. 2025 Marco Berlanda Development, DevOps, Kubernetes

A GitOps Path from Code to OpenShift Cluster

A modern web app isn’t one single big monolith: it’s made of quite a lot of pieces! For instance, we relied on a setup such as this one for a recent one we are developing: That’s a lot of moving parts. You could glue them together with scripts, sticky notes, and caffeine… but then most…

30. 09. 2025 Luigi Miazzo DevOps, Kubernetes

Envisioning Satellite-Distributed Management with Kubernetes and Argo CD for NetEye.cloud

As our company’s NetEye cloud solution NetEye.cloud expands, we’re deploying compute nodes not only in our own data centers but also on customer premises across the globe, connected through satellite links. This hybrid, geo-distributed model creates a very tough challenge: How can we manage configuration across hundreds of remote machines reliably, and at scale? Why…

30. 09. 2025 Gabriele Bocchi Automation, Development, DevOps

How to Set Up Safe, Automatic Dependency Updates in Your Projects

Dependencies (frameworks, modules, plugins, etc.) are the lifeblood of modern software libraries. But managing them manually is a burden. By automating dependency updates (in a controlled, smart way), you can stay ahead of security issues, reduce technical debt, and make upgrades less painful. Below I’ll walk you through why automatic updates matter, what to watch…

29. 09. 2025 Giuseppe Di Garbo Atlassian, Service Management

Streamlining Service Request Management with ITIL4 and Jira Service Management

Introduction In every IT team, service requests are the everyday heartbeat of operations. From resetting a password, granting access to a tool, setting up new equipment, or answering a simple “how do I?” question, these are routine, predictable tasks. But if handled poorly, they can quickly lead to frustration, inefficiency, and higher costs. Service Request…

29. 09. 2025 Valentina Da Rold Atlassian, Development

Syncing Entra ID Groups and Members to Jira CMDB via Atlassian SCIM API: Key Lessons Learned

In a recent project, I was tasked with enabling the synchronization of Entra ID (formerly Azure AD) security groups and their members into an ITSM CMDB hosted on Jira. The objective was to ensure accurate visibility of group-to-user relationships, leveraging Atlassian’s SCIM 2.0 API capabilities. While the goal sounds straightforward – syncing groups and users…
