Blog - page 10

The Definitive Guide to Security Intelligence and Analytics

In the Definitive Guide to Security Intelligence and Analytics e-book, you'll learn how your organization can benefit from adopting security intelligence and analytics, how to evaluate possible solutions, and tips and tricks on deploying a solution so you can get the most value from it. Read more to learn how to automate event discovery through security analytics and to get the free e-book.

Detecting Home Network Issues with Network Monitor

Analyzing home network traffic with Network Monitor can be highly valuable, as you can find previously unknown issues smoothly and efficiently. In addition to security issues, you can also track usage statistics and determine what (or who) is utilizing the most bandwidth on your home network.

Making Security Intelligence a Standard Operating Procedure

We often do not know what we are looking for, and therefore, we need assistance in correlating all of the information. What we do know is that we need to make security intelligence a standard operating procedure (SOP) for all agencies, organizations, and individuals in order to effectively and efficiently cut through the noise and determine actionable intelligence to move the defense of our critical infrastructure forward.

Building Resilience in Critical Infrastructure

It’s National Cyber Security Awareness Month, and the theme for the final week is “Building Resilience in Critical Infrastructure.” So why is this a focus for the National Cyber Security Alliance? Well, initially, cyber threats were focused on profitable data breaches with an attainable payload (e.g., credit card information or industry secrets). But now, nation states and hacktivist groups are focusing on accessing and disrupting critical infrastructure in the United States.

Building and Implementing a Next-Gen SOC

Building and implementing a next-generation Security Operations Center (SOC) can seem like a daunting endeavor. The sheer number of technologies to consider, which seems to grow regularly, creates a dizzying array of technical options and capability permutations.

Detecting New Network Services with Behavioral Analytics

By utilizing network data generated by Network Monitor, the LogRhythm Security Intelligence and Analytics platform can whitelist normal network behavior and generate an alert when a new network service is detected. But in order to gather the complete picture, you also need user and endpoint visibility. This brings us back full circle to the importance of holistic analytics. I’ll discuss a real-world example showing how holistic analytics can help you detect new network services and potentially avoid a similar incident.

Automation and Integration through Critical Security Controls

Automated security intelligence is required to meet most, if not all, of the CIS Critical Security Controls. In its latest spotlight paper, SANS reviews how automated security intelligence can help your organization's security operations strategy align with the CIS Critical Security Controls to detect and respond swiftly to cyber threats.

How to Build a Miniature Network Monitor Device

LogRhythm’s Network Monitor is a powerful forensics tool that allows organizations to capture, analyze, and alert on network data. Traditionally, NetMon is deployed on a blade server within an organization’s data center. However, there are many situations where a smaller, more tactical device is the optimal solution. To demonstrate how to easily deploy NetMon, we decided to show you how to build a miniature device.

In the Wake of the Yahoo Breach: What to Do if Your Account Was Compromised

On September 22nd, 2016, Yahoo confirmed that it was the victim of a state-sponsored attack that compromised 500 million user accounts. According to Yahoo, "The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and in some cases, encrypted or unencrypted security questions and answers." Yahoo is recommending that users change their passwords and review their accounts for suspicious activity.
