Building and Implementing a Next-Gen SOC

Building and implementing a next-generation Security Operations Center (SOC) can seem like a daunting endeavor. The sheer number of technologies to consider, which seems to grow regularly, creates a dizzying array of technical options and capability permutations.

Detecting New Network Services with Behavioral Analytics

By utilizing network data generated by Network Monitor, the LogRhythm Security Intelligence and Analytics platform can whitelist normal network behavior and can generate an alert when a new network service is detected. But in order to gather the complete picture you also need user and endpoint visibility. This brings us back full circle to the importance of holistic analytics. I’ll discuss a real world example showing how holistic analytics can help you detect new network services and potentially avoid a similar incident.

Automation and Integration through Critical Security Controls

Automated security intelligence is required to meet most, if not all, of the CIS Critical Security Controls. In it's latest spotlight paper, SANS reviews how automated security intelligence can help your organization's security operations strategy align with the CIS Critical Security Controls to detect and respond swiftly to cyber threats.

How to Build a Miniature Network Monitor Device

LogRhythm’s Network Monitor is a powerful forensics tool that allows organizations to capture, analyze, and alert on network data. Traditionally, NetMon is deployed on a blade server within an organization’s data center. However, there are many situations where a smaller, more tactical device is the optimal solution. To demonstrate how to easily deploy NetMon we decided to show you how to build a miniature device.

In the Wake of the Yahoo Breach: What to Do if Your Account Was Compromised

On September 22nd, 2016, Yahoo confirmed that they were victim to a state-sponsored attack that compromised 500 million user accounts. According to Yahoo, "The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and in some cases, encrypted or unencrypted security questions and answers." Yahoo is recommending users change their passwords and review their accounts for suspicious activity.