Security analytics and automation
Security analytics and automation provide enterprises the data needed to help defend against a barrage of cyber threats. A toolkit combining threat intelligence sharing and services with SIEM and SOAR systems as well as threat hunting is key to success.
Top Stories
-
News
19 Nov 2024
Microsoft to offer hackers millions in Zero Day Quest event
Microsoft launched Zero Day Quest on Tuesday with a preliminary event offering bug bounty researchers rewards with multipliers for select security scenarios.
By Alexander Culafi, Senior News Writer
-
Tip
12 Nov 2024
SIEM vs. SOAR vs. XDR: Evaluate the key differences
SIEM, SOAR and XDR each possess distinct capabilities and drawbacks. Learn the differences among the three, how they can work together and which your company needs.
-
Tip
10 Oct 2017
Considerations for developing a cyber threat intelligence team
The use of a cyber threat intelligence team can greatly help organizations. Learn the best practices for team location and selection from expert Robert M. Lee.
By Robert M. Lee, Dragos, Inc.
-
Answer
29 Sep 2017
Can the STIX security framework improve threat intelligence sharing?
Can Structured Threat Information eXpression improve threat intelligence sharing? Nick Lewis breaks down the evolution of the STIX security framework.
-
Feature
28 Sep 2017
What SIEM features are essential for your company?
On the hunt for the best SIEM tool for your company? Learn how to evaluate the capabilities of the newest security information and event management products.
By Karen Scarfone, Scarfone Cybersecurity
-
Feature
26 Sep 2017
Machine learning in cybersecurity: How to evaluate offerings
Vendors are pitching machine learning for cybersecurity applications to replace traditional signature-based threat detection. But how can enterprises evaluate this new tech?
-
Tip
11 Jul 2017
Tactics for security threat analysis tools and better protection
Threat analysis tools need to be in top form to counter a deluge of deadly security issues. Here are tips for getting the most from your analytics tool.
By Karen Scarfone, Scarfone Cybersecurity
-
News
30 Jun 2017
Q&A: How the Cyber Threat Alliance solved threat intelligence sharing
Palo Alto Networks CSO Rick Howard talks with SearchSecurity about his experiences with the Cyber Threat Alliance and how the group approaches threat intelligence sharing.
By Rob Wright, Senior News Director
-
Security School
06 Jun 2017
How threat intelligence feeds aid organizations' security posture
This Security School explores how threat intelligence feeds work and discusses the types of vendor services that exist now.
-
Tip
07 Apr 2017
Incorporating user behavior analytics into enterprise security programs
User behavior analytics can be used for a number of different objectives within an enterprise. Expert Ajay Kumar examines some of the most important features and capabilities.
By Ajay Kumar
-
Tip
03 Apr 2017
User behavior analytics: Building a business case for enterprises
User behavior analytics can be beneficial to enterprises, but there are complexities involved. Expert Ajay Kumar explains what companies should know about this new technology.
By Ajay Kumar
-
Security School
14 Mar 2017
Securing big data is a growing infosec responsibility
Learn the ins and outs of securing big data, from the key risks facing big data environments to the skills infosec pros need to master to handle this growing responsibility.
-
E-Zine
01 Mar 2017
Machine learning in security explodes: Does it work?
Machine learning in security is continuing to advance, and many companies now claim to have introduced artificial intelligence techniques into their platforms. With the high volume of data that most security teams have to prioritize, machine learning in security technology is increasingly being adopted as a way to reduce the noise that traditional security products produce.
Smaller companies, such as Keen Footwear, have turned to threat platforms that incorporate machine learning and AI techniques -- and soon automated defense -- to solve a variety of problems. "I don't need to go hire someone dedicated to security," said Clark Flannery, director of IT at Keen's headquarters in Portland, Ore. "It just feels like a whole team back there -- who are way more qualified than [staff] I would be able to pay."
With security professionals in short supply, companies like Keen are relying on these technologies to make it easier to spot and respond to attacks. While machine learning and artificial intelligence are often used interchangeably, the concepts are different. In this issue of Information Security magazine, we discuss the nuances and dive into the current state of the technology. Machine learning in security offers information security analysts more depth of knowledge, helping to detect patterns and related analysis they may not otherwise have known about.
-
Opinion
01 Mar 2017
AI or not, machine learning in cybersecurity advances
As more companies promote machine learning and artificial intelligence technologies, chief information security officers need to ask some tough questions to get past the hype.
-
Feature
01 Mar 2017
Security looks to machine learning technology for a cognitive leg up
Advances in machine learning technology and artificial intelligence have proven to work well for some information security tasks such as malware detection. What's coming next?
-
Feature
15 Sep 2016
RSA NetWitness Logs and Packets: Security analytics product overview
Expert Dan Sullivan examines RSA's NetWitness Logs and Packets, security analytics tools that collect and review logs, packets and behavior to detect enterprise threats.
-
Feature
18 Nov 2015
Hewlett Packard Enterprise's ArcSight ESM: SIEM product overview
Expert Karen Scarfone analyzes HPE's ArcSight Enterprise Security Management (ESM), a security information and event management (SIEM) tool used for collecting security log data.
By Karen Scarfone, Scarfone Cybersecurity
-
Feature
18 Nov 2015
EMC RSA Security Analytics: SIEM product overview
Expert Karen Scarfone examines EMC RSA Security Analytics, a SIEM product for harvesting, analyzing and reporting on security log data across the enterprise.
By Karen Scarfone, Scarfone Cybersecurity
-
Feature
18 Nov 2015
AlienVault OSSIM: SIEM product overview
Expert Karen Scarfone checks out AlienVault's Open Source SIEM and Unified Security Management products for collecting event data from various security logs within an organization.
By Karen Scarfone, Scarfone Cybersecurity
-
Feature
18 Nov 2015
Splunk Enterprise: SIEM product overview
Expert Karen Scarfone examines Splunk Enterprise, a security information and event management (SIEM) product for collecting and analyzing event data to identify malicious activity.
By Karen Scarfone, Scarfone Cybersecurity
-
Feature
18 Nov 2015
SolarWinds Log and Event Manager: SIEM product overview
Expert Karen Scarfone examines SolarWinds Log and Event Manager, a security information and event management (SIEM) tool for collecting and analyzing event data to identify malicious activity.
By Karen Scarfone, Scarfone Cybersecurity
-
Feature
18 Nov 2015
IBM Security QRadar: SIEM product overview
Expert Karen Scarfone takes a look at IBM Security QRadar, a security information and event management (SIEM) tool used for collecting and analyzing security log data.
By Karen Scarfone, Scarfone Cybersecurity
-
Feature
18 Nov 2015
LogRhythm's Security Intelligence Platform: SIEM product overview
Expert Karen Scarfone examines LogRhythm's Security Intelligence Platform, a SIEM tool for analyzing collected data.
By Karen Scarfone, Scarfone Cybersecurity
-
Answer
25 Mar 2015
What are the secrets to SIEM deployment success?
Many organizations deploy security information and event management systems without the proper planning and therefore can't reap the proper rewards. Expert Kevin Beaver offers tips for a successful implementation.
By Kevin Beaver, Principle Logic, LLC
-
Feature
03 Mar 2015
Beyond the Page: New SIEM Battleground Unfolds with Advanced Analytics
Robert Lemos looks at next-generation security information and event management analytic tools and cloud-based systems.
-
Tip
03 Mar 2015
SIEM systems: Using analytics to reduce false positives
Combining data from a variety of sources with better analytics can reduce workloads.
-
Tip
17 Feb 2015
Benefits of the Cisco OpenSOC security analytics framework
Cisco's open source security analytics framework aims to help enterprises address visibility and incident management challenges. Expert Kevin Beaver discusses OpenSOC and what to consider when integrating it into an enterprise security strategy.
By Kevin Beaver, Principle Logic, LLC
-
Tip
02 Feb 2015
How emerging threat intelligence tools affect network security
Up-and-coming threat intelligence tools aim to improve data security and even standardize threat intelligence across the industry. Expert Kevin Beaver explains how.
By Kevin Beaver, Principle Logic, LLC
-
Tip
22 Jul 2014
Big data security analytics: Facebook's ThreatData framework
Expert Kevin Beaver explains how enterprises can take a page from Facebook's ThreatData framework security analytics to boost enterprise defense.
By Kevin Beaver, Principle Logic, LLC
-
Guide
22 Jul 2013
How to define SIEM strategy, management and success in the enterprise
Enterprise SIEM technology is as functional, manageable and affordable as it's ever been. Learn how to achieve success with SIEM in your organization.
-
Quiz
29 Apr 2013
Quiz: Using SIEM technology to improve security management processes
In this five-question quiz, test your knowledge of our Security School lesson on using SIEM technology to improve security management processes.
By Mike Rothman, Securosis
-
Answer
11 Mar 2008
Is centralized logging worth all the effort?
Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a centralized logging infrastructure.
By Mike Chapple, University of Notre Dame