We have several customers using IBM AS400 whom we’ve helped in the past collect logs of system administrators under NetEye 3. Now with NetEye 4 we’ve improved log collection, making it compliant with the ECS standard and configuring a special internal port (5514) for NetEye to process these logs and syslog logs in general. Let’s…
Read MoreI’m writing this article with the goal of summarizing the events of recent days concerning the zero-day vulnerability that has struck Microsoft Exchange installations, and to provide some useful information to help you understand how the attack began, how it developed, and what we should expect in the immediate future. First of all, a quick…
Read MoreWe recently integrated two dashboards into NetEye SIEM to check what is happening within Active Directory, a component that is present in the vast majority of our customer environments. These two dashboards start from the collection of security events that are gathered across the various Windows servers that make up the infrastructure, and are then…
Read MoreIn order to protect your business against cyber attacks you need to both harden your systems and promptly detect suspicious activities in your infrastructure. Sigma is an open source project which defines specifications for a standard signature format that allows you to describe relevant log events for security purposes. The Sigma rules language is intended…
Read MoreIn our ethical hacking activities there are three different phases in which we clash with the themes of SIEM: PLANNING – The phase prior to the activity where we define the scope of engagement, be it for a Vulnerability Assessment, a Penetration Test or simulating a real attack CHALLENGE – The activity, corresponding to Vulnerability…
Read MoreNow that your company has invested time and resources in gathering information about your entire installed base of software and equipment, how can we analyze and measure its level of security protection? Can we identify the vulnerabilities in your company’s software? Can we create a scoring function that measures security and how it changes over…
Read MoreIT security is one of the highest priorities for every CIO. Cyber-attacks are now a reality that we must deal with on a daily basis. More and more organizations have been the victims of so-called cybercrimes that are the cause of financial losses, operational problems and consequences to the company’s reputation. That is why trying…
Read More