Free Training: Brush Up on Your Deep Packet Analytics Rules and Dashboards
Your network is full of extremely valuable data that can be used to improve both security and operations. Unfortunately, due to the sheer volume of data, it can be difficult to effectively monitor and understand everything on your network. That…
February 23, 2017
Making Sense of IoT Data
Posted by: Ramy Ahmad
These days, it seems that just about everyone is talking about the Internet of Things (IoT). According to recent forecasts from Gartner, 6.4 billion connected things were in use worldwide in 2016—up 30 percent from 2015. As digitally connected devices…
February 21, 2017
Sera-Brynn Quickly Responds to Cyber Incidents with Portable Network Forensics
Difficulties Turning Network Data into Actionable Information: Networks process and ensure the transfer of hundreds of terabytes of data per minute. Thus, networks have become crucial sources of data to gather indicators of compromise and gain visibility into an IT…
February 16, 2017
Streamline Security Operations and Measure KPIs with LogRhythm Security Orchestration, Automation, and Response
When it comes to protecting your organization, the speed at which you can detect and respond to a threat is crucial. Measuring the time to detect (TTD) and time to respond (TTR) is nearly as important. Capturing and understanding these…
February 14, 2017
Plug Security Gaps by Identifying Remote Access Account Anomalies
Remote access has become crucial for business operations, as satellite employees and travelers need remote access to corporate networks. However, while remote access greatly benefits productivity, it also exposes the organization to a number of additional threats. Let’s look into…
February 9, 2017
Passive Discovery and Exploitation of Open SMB Shares
Server Message Block (SMB) shares are a critical component of most organizations—allowing for a central repository of files and other items that people need to access and share to do their jobs. Often, organizations will have multiple file shares in…
January 24, 2017
User Threat Detection—There’s a Module for That
Posted by: Matt Willems
End-user behavior can be difficult to baseline and monitor. Users often click on suspect links, open unknown attachments, and unknowingly expose the organization to risk. Where traditional analytics and perimeter defenses fall short, LogRhythm’s User and Entity Behavior Analytics (UEBA)…
January 19, 2017
Cybersecurity Advice for President-Elect Trump: Maintain Bi-Partisan Momentum and Step on the Gas
Posted by: Chris Petersen
As Donald Trump prepares to assume the presidency, cybersecurity strategy should be high on his priority list. Time is of the essence, as those who want to cause harm are not taking a hiatus as our country moves through this…
January 17, 2017
Protect Your Business with LogRhythm and Palo Alto Networks
Enable Comprehensive End-to-End Threat Lifecycle Management: Cyber criminals are compromising organizations at an unprecedented rate. To counter these attacks, security teams must leverage multiple security solutions to build and strengthen security operations. If done incorrectly, using multiple solutions isn’t a…
January 10, 2017
Alliant Credit Union Automates Fraud Detection
The Challenge: Manual Analysis Resulting in Decreased Productivity and Visibility. Bank fraud reached an all-time high in 2015. To combat this threat, Alliant Credit Union employs a team of fraud specialists that scrutinizes detailed reports in search of fraudulent financial…
January 10, 2017
The Top 8 Things to Analyze in Your Network to Detect a Compromised System
Back in August, I had an amazing conversation with Randy Franklin Smith of Ultimate Windows Security during a webinar. We talked about how to identify a number of security scenarios simply by looking at network traffic. If you missed the…
December 9, 2016
Detecting the BlackNurse DDoS Attack with LogRhythm NetMon
The security operations center (SOC) at Danish telecoms operator TDC recently published a report regarding an ICMP-based DoS/DDoS style of attack. This attack effectively makes use of ICMP type 3 and code 3 crafted packets to drain…
December 6, 2016
The Definitive Guide to Security Intelligence and Analytics
Posted by: Karen Scarfone
Karen Scarfone has nearly 25 years of professional IT experience, with over 15 years of that dedicated to information security. As a managing consultant at CyberEdge, Karen oversees security content development, custom research, and publishing projects. My colleague, Steve Piper,…
November 15, 2016
Detecting Home Network Issues with Network Monitor
I’ve been running a test Network Monitoring (NetMon) Mini device at home for the past few weeks and, up until recently, I didn’t notice anything “unexpected” on my home network. Figure 1: Miniature NetMon Home Appliance…
November 8, 2016
Making Security Intelligence a Standard Operating Procedure
Protecting our Nation’s Interconnected Critical Infrastructure: National Cyber Security Awareness Month is coming to an end. Hopefully, we have all come away with some ideas on how to better protect ourselves, organizations, and our country. We must not slow down,…
November 2, 2016
Building Resilience in Critical Infrastructure
Disrupting Critical Infrastructure: A Potential New Form of Warfare. It’s National Cyber Security Awareness Month, and the theme for the final week is “Building Resilience in Critical Infrastructure.” So why is this a focus for the National Cyber Security Alliance?…
October 27, 2016
EPC Inc. Improves IT Operations with Actionable Insights
EPC Inc. is one of the premier IT asset recovery and end-of-life IT asset handling solution providers in the United States. Clients trust EPC to secure, process, and thoroughly wipe devices before repurposing or de-manufacturing according to local and ISO…
October 25, 2016
Building and Implementing a Next-Gen SOC
Posted by: Roselle Safran
Roselle Safran is the CEO and Co-Founder of Uplevel Security, the industry’s first adaptive incident response platform. Roselle was previously the Cybersecurity Operations Branch Chief at the Executive Office of the President, where she managed the 24×7 security operations center…
October 20, 2016