Security Information and Event Management (SIEM) solutions are an important tool in a modern-day security team’s arsenal, providing visibility into suspicious activity and attack attempts. They help teams continually assess an organization’s security posture and identify areas of focus to…
SureLog is a solution that lets you build your own search logic without learning a new script language. SureLog has several options for querying logs: Immediate Search, Search Wizard, and SQL. Immediate Search: SureLog has many shortcuts for searching logs. On every single report…
The next-generation detection engine of SureLog SIEM combines rule-based and ML-based techniques. SureLog uses machine learning models and advanced correlation rules together and dynamically updates each of them. Anomaly detection via classification: anomaly detection with SureLog infers a probabilistic…
There are many references on Windows advanced logging. Windows has some great built-in capabilities for detecting abuse; SureLog implements those references, and this is the fastest way to hunt on Windows endpoints. Everything is ready as reports…
SureLog recently integrated with Kibana, an open-source data visualization tool that provides additional flexibility when navigating data. This allows users to create custom visualizations and interactive dashboards for greater visibility into an environment. Why Use Kibana? Kibana offers histograms, line graphs, pie charts…
The SureLog application features dashboards on various security topics. Dashboards deliver monitoring and reporting metrics to track the state of security throughout the network. These are simple to configure and user friendly, while allowing users to read a summary of…
DNS is probably the best source of data for detecting an attacker’s command and control activity, which can be isolated by looking at outbound DNS requests. Botnets play an important role in malware distribution and are widely used for spreading…
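To make the point above concrete, here is an added example (not SureLog code and not from the original post) of two detections a practitioner would run over outbound DNS query logs: a client repeatedly resolving high-entropy, non-existent second-level domains (the NXDOMAIN pattern a domain-generation algorithm leaves while a bot hunts for its controller), and a client sending many queries with very long leftmost labels under one registered domain (data encoded into DNS names). The log format, client addresses, domain names and thresholds are all constructed for the example; the "last two labels" registered-domain rule is a simplification you would replace with the Public Suffix List in production.

```python
import math
from collections import defaultdict

# Constructed sample of outbound DNS query log lines (client, record type,
# queried name, response code). Hypothetical traffic, not a real capture.
SAMPLE_DNS_LOG = """\
10.0.0.5 A www.example.com NOERROR
10.0.0.5 A cdn.example.net NOERROR
10.0.0.5 A mail.example.com NOERROR
10.0.0.7 A kx7q2mvbd9z.com NXDOMAIN
10.0.0.7 A p3wq8zlt0vyu.net NXDOMAIN
10.0.0.7 A h9ksdf2lqz.org NXDOMAIN
10.0.0.7 A mail.example.com NOERROR
10.0.0.9 TXT 4a6f686e2057616c6b6572.c2-tunnel.example NOERROR
10.0.0.9 TXT 7365637265742d646174612d.c2-tunnel.example NOERROR
10.0.0.9 TXT 68656c6c6f2d776f726c642d.c2-tunnel.example NOERROR
"""


def parse_dns_log(text):
    """Parse the space-separated sample format into a list of dicts."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        client, qtype, name, rcode = parts
        records.append({
            "client": client,
            "qtype": qtype.upper(),
            "name": name.lower().rstrip("."),
            "rcode": rcode.upper(),
        })
    return records


def shannon_entropy(s):
    """Bits of entropy per character; DGA labels score higher than real words."""
    if not s:
        return 0.0
    n = len(s)
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def registered_domain(name):
    """Last two labels. Simplification (assumption for this example): a real
    detector should use the Public Suffix List so that names such as
    host.example.co.uk are grouped correctly."""
    return ".".join(name.split(".")[-2:])


def detect_dns_c2(records, min_hits=3, entropy_threshold=3.0, tunnel_label_len=20):
    """Two heuristics over outbound DNS queries:
    - dga_nxdomain: a client repeatedly resolving high-entropy second-level
      labels that do not exist, typical of a bot searching for its C2.
    - dns_tunneling: a client sending many queries with very long leftmost
      labels under one registered domain, typical of data encoded in DNS."""
    dga_hits = defaultdict(int)
    tunnel_hits = defaultdict(int)
    for r in records:
        labels = r["name"].split(".")
        reg = registered_domain(r["name"])
        sld = reg.split(".")[0]
        if r["rcode"] == "NXDOMAIN" and shannon_entropy(sld) >= entropy_threshold:
            dga_hits[r["client"]] += 1
        if len(labels) > 2 and len(labels[0]) >= tunnel_label_len:
            tunnel_hits[(r["client"], reg)] += 1

    findings = []
    for client, n in sorted(dga_hits.items()):
        if n >= min_hits:
            findings.append({"signal": "dga_nxdomain", "client": client, "count": n})
    for (client, reg), n in sorted(tunnel_hits.items()):
        if n >= min_hits:
            findings.append({"signal": "dns_tunneling", "client": client,
                             "domain": reg, "count": n})
    return findings


if __name__ == "__main__":
    for finding in detect_dns_c2(parse_dns_log(SAMPLE_DNS_LOG)):
        print(finding)
```

Run as-is it reports 10.0.0.7 for the NXDOMAIN/DGA pattern and 10.0.0.9 for tunneling under c2-tunnel.example, while the ordinary lookups from 10.0.0.5 stay quiet. The thresholds are starting points: tune `entropy_threshold` and `tunnel_label_len` against a week of your own resolver logs before alerting on them.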
A popular technique for hiding malware running on an operating system is to give it a name that is confusingly similar to a legitimate operating system process, preferably one that is always present on all systems. Processes whose names are confusingly similar…
There are malware tools that can create Windows services with random service names and descriptions. An Emotet infection is an example of malicious services created on a machine. This is due to how Emotet installs itself on a machine, creating…
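The two preceding posts describe name-based detections: look-alike process names and randomly generated service names. As an added example (not SureLog code and not from the original posts), the block below implements both over constructed data: an edit-distance check of observed process names against a baseline of legitimate names, and a consonant-run/vowel-ratio heuristic applied to service-installation events shaped like Windows System log event 7045 ("A service was installed in the system"). The baseline lists, process names, service names and image paths are hypothetical; in practice the baseline comes from a golden image or clean inventory, and the allowlist absorbs legitimate names that trip the heuristic (Sysmon64 is included to show that).

```python
# Hypothetical baseline of legitimate Windows process and service names;
# in practice, build these from a golden image or a clean inventory.
KNOWN_PROCESSES = [
    "svchost.exe", "lsass.exe", "csrss.exe", "smss.exe",
    "winlogon.exe", "services.exe", "explorer.exe",
]
# Allowlist for the service-name heuristic; Sysmon64 would otherwise trip it.
KNOWN_SERVICES = {"wuauserv", "spooler", "wsearch", "sysmon64"}

# Constructed sample data: process names seen on an endpoint, and service
# installation events in the shape of Windows System log event 7045.
SAMPLE_PROCESS_NAMES = [
    "svchost.exe", "scvhost.exe", "lsasss.exe",
    "explorer.exe", "csrs.exe", "notepad.exe",
]
SAMPLE_SERVICE_EVENTS = [
    {"event_id": 7045, "service_name": "wuauserv", "image_path": r"C:\Windows\System32\svchost.exe -k netsvcs"},
    {"event_id": 7045, "service_name": "PAqoegKNm", "image_path": r"C:\Windows\SysWOW64\PAqoegKNm.exe"},
    {"event_id": 7045, "service_name": "Spooler", "image_path": r"C:\Windows\System32\spoolsv.exe"},
    {"event_id": 7045, "service_name": "xkwhqzbtlv", "image_path": r"C:\Windows\SysWOW64\xkwhqzbtlv.exe"},
    {"event_id": 7045, "service_name": "WSearch", "image_path": r"C:\Windows\System32\SearchIndexer.exe"},
    {"event_id": 7045, "service_name": "kbdsrvfzq", "image_path": r"C:\Users\Public\kbdsrvfzq.exe"},
]


def levenshtein(a, b):
    """Edit distance (insert/delete/substitute), standard dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def find_masquerading(names, known=KNOWN_PROCESSES, max_distance=2):
    """Report process names that are not in the baseline but lie within
    max_distance edits of a baseline name (scvhost.exe, lsasss.exe, ...).
    Returns (observed_name, closest_known_name, distance) tuples."""
    hits = []
    known_lower = [k.lower() for k in known]
    for name in names:
        n = name.lower()
        if n in known_lower:
            continue  # exact match: legitimate (path checks are a separate control)
        best = min(known_lower, key=lambda k: levenshtein(n, k))
        d = levenshtein(n, best)
        if d <= max_distance:
            hits.append((name, best, d))
    return hits


VOWELS = set("aeiou")


def looks_random(name, min_len=6, max_consonant_run=4, min_vowel_ratio=0.2):
    """Heuristic for Emotet-style random service names: a long run of
    consonants or almost no vowels. Only letters are considered."""
    letters = [c.lower() for c in name if c.isalpha()]
    if len(letters) < min_len:
        return False
    vowels = sum(1 for c in letters if c in VOWELS)
    run = longest = 0
    for c in letters:
        run = 0 if c in VOWELS else run + 1
        longest = max(longest, run)
    return longest >= max_consonant_run or vowels / len(letters) < min_vowel_ratio


def find_random_service_names(events, known=KNOWN_SERVICES):
    """Flag service-install events whose name is not allowlisted and looks random."""
    return [e for e in events
            if e.get("event_id") == 7045
            and e["service_name"].lower() not in known
            and looks_random(e["service_name"])]


if __name__ == "__main__":
    print(find_masquerading(SAMPLE_PROCESS_NAMES))
    for e in find_random_service_names(SAMPLE_SERVICE_EVENTS):
        print(e["service_name"], e["image_path"])
```

On the sample data the first check reports scvhost.exe, lsasss.exe and csrs.exe with their intended look-alikes, and the second reports the three random names while leaving wuauserv, Spooler and WSearch alone. Both checks are deliberately name-only, matching the posts; pairing them with the image path (a service binary under C:\Users\Public, or svchost.exe outside System32) is the natural next correlation to add.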
Cyber criminals use various malicious tools for cyber-attacks, chosen based on the target’s strength, to infiltrate sensitive data, and nowadays publicly available hacking tools are frequently used by threat actors for attacks around the world. Here…
Today’s computer networks produce a huge amount of security log data. The scalability of security event correlation has become a major concern for security analysts and IT administrators when considering complex IT infrastructures that need to handle huge amounts of security…
A SIEM’s power is in its correlation. SureLog has advanced threat detection capabilities: it combines alerts, advanced correlations, profiles, and user behavior rules to detect threats. A SIEM can also help with GDPR compliance by providing visibility into log data…