3 min
Cloud Infrastructure
Why the Modern SIEM Is in the Cloud
Let’s talk about why modern SIEM is in the cloud, what core benefits you can expect, and how it is predicted to evolve as we soar toward 2020.
4 min
Cloud Infrastructure
Your Guide to Securing Multi-Cloud Environments in an IaaS World
In this post, we’ll cover the unique challenges with securing cloud environments, and some best practices specifically focused on securing multi-cloud infrastructure.
4 min
InsightIDR
Securing Your Cloud Environments with InsightIDR, Part 2: Amazon Web Services (AWS)
In this blog, we will talk about threat detection for the world’s most popular cloud host, Amazon Web Services (AWS).
3 min
InsightIDR
Announcing CyberArk and InsightIDR Integration: Connect CyberArk with InsightIDR to Visualize and Investigate Your Privileged Access
To help companies monitor user behavior, secure privileged access, and identify attacks on passwords, we are teaming up with CyberArk.
2 min
SIEM
SIEM Delivery Models: Where Do Today’s Risks and Future Technology Lead Us?
Recently, we partnered with Ultimate IT Security to discuss the current and future state of SIEM technology, and how it’s evolving to address current risks.
3 min
InsightIDR
Utilize File Integrity Monitoring to Address Critical Compliance Needs
To help organizations address their compliance auditing needs, we are excited to introduce file integrity monitoring (FIM) for InsightIDR.
3 min
Incident Detection
How to Alert on Rogue DHCP Servers
How to alert on rogue DHCP servers using network traffic as a data source. We look at how you can use Wireshark or LANGuardian to detect DHCP servers.
7 min
InsightIDR
Windows Event Forwarding: The Best Thing You’ve Never Heard Of
This blog post will discuss how to get logs into your SIEM and create custom alerts to detect certain behaviors in those logs.
7 min
Log Management
Rolling with Your Logs, Part 3: Using Regex to Expand Your Search Options
In this final installment of our Log Search series, we’ll look at some simple regular expressions that will greatly expand your Log Search options.
3 min
Incident Detection
5 Tips For Monitoring Network Traffic on Your Network
Monitoring traffic on your network is important if you want to keep it secure. These five tips will help you get the most out of your NTA tool.
6 min
InsightIDR
Rolling with Your Logs, Part 2: Advanced Mode Searches
In Part 2 of this three-part series on InsightIDR Log Search, we will cover three concepts: parsed logs, the groupby function, and log search operations.
4 min
InsightIDR
Rolling with Your Logs, Part 1: Your Guide to Log Search in InsightIDR
In the first installment of this series, we'll cover the three most important basics of log search, then run through a few common Simple Mode searches.
17 min
InsightIDR
Universal Event Formats in InsightIDR: A Step-by-Step NXLog Guide
Follow this step-by-step walkthrough to use NXLog to transform an ingress authentication log into UEF.
3 min
InsightIDR
Detecting Inbound RDP Activity From External Clients
Today, we discuss how to detect inbound RDP activity from external clients.
4 min
InsightIDR
How to Set Up Your Security Operations Center (SOC) for Success
Whether you’re looking to add coverage or are experiencing challenges with your existing security operations center (SOC), it's important to consider these factors before making a decision.