Welcome to Smokey's Security Forums.
Guests only have limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Windows 10 does temporarily disable third-party antivirus, admits Microsoft

But Microsoft rebuts claims that it's been using underhand tactics in Windows 10 against third-party antivirus.

​Windows 10 does temporarily disable third-party antivirus, admits Microsoft

Malware Log Analysis & Removal Help * Ransomware Encryption & Decrytion Techniques * Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on RedditShare this topic on TwitterAuthorTopic: Are we ready to bid the SIEM farewell?  (Read 16 times)

0 Members and 1 Guest are viewing this topic.

ScarlettTopic starter

  • Updates Moderator
  • *
  • Offline Offline
  • location: Cymru
  • Posts: 22235
Are we ready to bid the SIEM farewell?
« Reply #1 on: April 20, 2017, 02:17:34 PM »
Are we ready to bid the SIEM farewell?
20 April 2017, 1:18 pm



At this year's Infiltrate Security Conference in Miami, John Grigg walked the audience through a common target network where a known and commonly used SIEM had been integrated in order to show participants how to exploit onto the SIEM, find intel, and cover their tracks.

Though SIEM technologies are supposed to help secure the networks, Grigg said that they are often misconfigured, which creates more vulnerabilities.

Even though some of the legacy tools are pretty cool, Grigg said the problem is that no one really knows the platform that well. "The vendor who built it knows it from a design standpoint. Then there's the re-selllers, the guys who install it, the internal IT guys who inherit the systems, but they tend to never really focus on it." 

To read this article in full or to leave a comment, please click here



Source: Network World Security

>> To obtain the full NetworkWorld Security article, click the link in the first post line <<
 

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2017 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by Meg&Millie - Emma aka Tinker

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques

    

  

Smokey's also provides free fully qualified FRST (Farbar Recovery Scan Tool) Log / Malware Analysis & Removal Help and System Health Checks
rifle
rifle
rifle
rifle