Operations | Monitoring | ITSM | DevOps | Cloud

chaossearch

How to Get Started with a Security Data Lake

Aug 29, 2024 By David Bunting In ChaosSearch
Modern SecOps teams use Security Information and Event Management (SIEM) software to aggregate security logs, detect anomalies, hunt for threats, and enable rapid incident response. While SIEMs enable accurate, near real-time detection of threats, today's SIEM solutions were never designed to handle the volume of security data organizations generate daily. As daily log ingestion grows, so do the costs of data management.
Read Post
chaossearch

The Power of Combining a Modular Security Data Lake with an XDR

Aug 2, 2024 By David Bunting In ChaosSearch
The 2024 Global Digital Trust Insights survey from PwC reports that 36% of businesses have experienced a data breach that cost more than $1 million to remediate. Cyber threats are clearly on the rise and in today’s volatile threat environment, it is a matter of when - not if - a cybersecurity incident will occur. Digital adversaries are becoming more sophisticated and relying on weak links to exploit company applications and infrastructure.
Read Post
Sponsored Post
chaossearch

Improving Patch and Vulnerability Management with Proactive Security Analysis

Jul 30, 2024 By David Bunting In ChaosSearch
Vulnerability management is the continuous process of identifying and addressing vulnerabilities in an organization's IT infrastructure, while patch management is the process of accessing, testing, and installing patches that fix bugs or address known security vulnerabilities in software applications. Vulnerability management and patch management are crucial SecOps processes that protect IT assets against cyber threats and prevent unauthorized access to secure systems.
Read Post
Sponsored Post
chaossearch

5 Security Logging and Monitoring Mistakes to Avoid

Jun 28, 2024 By David Bunting In ChaosSearch
As cybersecurity attack vectors evolve, security logging and monitoring are becoming even more important. Effective logging and monitoring enables organizations to detect and investigate security incidents quickly. Cloud-based attackers are getting more sophisticated, and often rely on stolen credentials to escalate privileges and move laterally within corporate IT networks. Many do so undetected, which is why modern IT systems require a watchful eye on log data to detect suspicious activity and inform incident response efforts.
Read Post
chaossearch

AWS vs GCP: Which Cloud Service Logs Can Provide the Most Valuable Data to Improve Your Business

Jun 6, 2024 By George Hamilton In ChaosSearch
The infrastructure and services running on public cloud computing services like Google Cloud Platform (GCP) and Amazon Web Services (AWS) produce massive volumes of logs every day. An organization’s log data provides details about their entire IT environment in real-time, or at any point in time in history.
Read Post
Sponsored Post
chaossearch

Top Security Data Types: Exploring the OCSF Framework

May 29, 2024 By David Bunting In ChaosSearch
In cybersecurity, it's a big challenge to handle diverse data formats across various platforms. The Open Cybersecurity Schema Framework (OCSF) aims to address this by standardizing data security formats and simplifying the process of threat hunting. Major players like IBM, AWS and others are working together to standardize data with this open-source project, emphasizing its importance.
Read Post
chaossearch

How to Create an S3 Bucket with AWS CLI

May 9, 2024 By David Bunting In ChaosSearch
Managing an Elasticsearch cluster can be complex, costly, and time-consuming - especially for large organizations that need to index and analyze log data at scale. In this short guide, we’ll walk you through the process of creating an Amazon S3 bucket, configuring an IAM role that can write into that bucket, and attaching that IAM role to your Amazon S3 instance - all using the AWS Command Line Interface (CLI).
Read Post
Sponsored Post
chaossearch

How to Threat Hunt in Amazon Security Lake

Apr 29, 2024 By David Bunting In ChaosSearch
Establishing a proactive security posture involves a data-driven approach to threat detection, investigation, and response. In the past, this was challenging because there wasn't a centralized way to collect and analyze security data across sources, but with Amazon Security Lake it is much simpler. Whether you're a security company improving and refining your threat intelligence for customers, or you're investigating security threats within your own environment, there are a few important things you need to know. This blog will cover the tools, frameworks and data types you'll need to threat hunt in Amazon Security Lake.
Read Post
chaossearch

Why Organizations are Using Grafana + Loki to Replace Datadog for Log Analytics

Apr 18, 2024 By David Bunting In ChaosSearch
Datadog is a Software-as-a-Service (SaaS) cloud monitoring solution that enables multiple observability use cases by making it easy for customers to collect, monitor, and analyze telemetry data (logs, metrics and traces), user behavior data, and metadata from hundreds of sources in a single unified platform.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.