How to Use Data to Identify Trends, Attack Profiles, And Possible Threats?

Data is a raw material: it is often unstructured, extracted in massive quantities, and needs processing before it can be called information or actionable intelligence. A good example is Indicators of Compromise (IoCs). A big list of domain names or IP addresses can be ingested into the SIEM system to identify whether the list contains any malicious IPs.


We’re an April 2019 Gartner Peer Insights Customers’ Choice for SIEM—thanks to you!

We’re happy to announce that ManageEngine is an April 2019 Gartner Peer Insights Customers’ Choice for Security Information and Event Management (SIEM). While Gartner analysts recognized ManageEngine in its Magic Quadrant for Security Information and Event Management for three consecutive years, this Customers’ Choice distinction makes us even more proud because we see it as proof that our customers are happy with the technology we provide.


Splunk Essentials for Infrastructure Troubleshooting and Monitoring

It’s free, it’s easy, it’s our newest Splunkbase solution! We are beyond excited to introduce Splunk Essentials for Infrastructure Troubleshooting and Monitoring. You may be wondering, what in the world are Splunk Essentials? Splunk Essentials are a series of free learning apps created by our very own Splunkers. They are designed to guide users down prescriptive use case paths to support a full engagement model and ultimately bring organizations success.


Security Information and Event Management (SIEM) Architecture

In information warfare, developing a SIEM architecture has become crucial because of ever-growing cyber threats and their creators, the cyber pests. SIEM (Security Information and Event Management) covers a broad range of products or services for managing security information and security events simultaneously.


SIEM: The Steps Before "The First Steps"

We do a lot of work creating, describing and publishing security use cases to empower SIEM programmes - like a recent webinar with (ISC)2 on ‘20 SIEM Use Cases in 40 Minutes: Which Ones Have you Mastered?’ or sharing stories like Telia’s journey to tackle cybersecurity challenges. However, I thought it would be beneficial to step back from the ‘SIEM minutiae’ to take a better look at IT security strategy and governance.


What’s better: On-site SIEM or MSSP SIEM?

If an organization properly implements a SIEM solution, it efficiently draws attention to warning signs and suspicious activity within the network. With cyberspace ever evolving, continuous security monitoring has become exceedingly important. The benefits of SIEM also extend to understanding business and technology environments, monitoring availability and performance, diagnosing issues, and creating reports on network activities.


Behind the scenes of our security incident management process

On the security team, we don’t manage any Atlassian products like other Atlassian teams do. Our main product is trust, and that’s a job that’s never finished. To me, security is more of a mindset; one of constant diligence, continuous improvement, and seeking out ways to innovate.