Detecting New Network Services with Behavioral Analytics
Last year, during a proof of concept, a future customer discovered that an internal development web server had been accidentally published externally. The content of this development server—including the customers’ personally identifiable information (PII)—had been made publicly available with no…
October 18, 2016
Automation and Integration through Critical Security Controls
About the CIS Critical Security Controls. Now in version 6, the Center for Internet Security (CIS) Critical Security Controls “are a concise, prioritized set of cyber practices created to stop today’s most pervasive and dangerous cyber attacks.” So why have…
October 13, 2016
How to Build a Miniature Network Monitor Device
Posted by: LogRhythm Labs
Collaboration between Greg Foss, Kjell Hedstrom, Dan Schatz-Miller, Michael Swisher, and Craig Cogdill. LogRhythm NetMon is a powerful forensics tool that allows organizations to capture, analyze, and alert on network data. Traditionally, NetMon is deployed on a blade server within…
October 6, 2016
In the Wake of the Yahoo Breach: What to Do if Your Account Was Compromised
On September 22nd, 2016, Yahoo confirmed that it was the victim of a state-sponsored attack that compromised 500 million user accounts. According to Yahoo, “The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the…
September 29, 2016
Gathering Evidence Through Network Monitoring
In the world of infosec, we know that gathering evidence is critical to identifying the attack vector, understanding how to stop the attack quickly, and moving ongoing investigations further. One of the best ways to gather forensic evidence is through…
September 27, 2016
Temporal Chain Normalization: The Unsung Hero of Event Correlation
When it comes to correlation capabilities, LogRhythm has you covered. With AI Engine you can perform a variety of activities, from observing a single activity to applying advanced behavior rules across multiple dimensions (entities, devices, log sources, metadata, etc.). In…
September 22, 2016