
How to spot and stop malware with SureLog SIEM?

SureLog SIEM and Advanced Threat Analytics With Machine Learning (ML)

The True Power of SureLog Taxonomy

The Fastest Way to See What Is Going On in Your Network's Security Is SureLog SIEM

Not All SIEM Solutions Are Equal and Not All SIEM Use Cases Are the Same
Security Information and Event Management (SIEM) solutions are an important tool in a modern-day security team's arsenal, providing visibility into suspicious activity and attack attempts. They help teams continually assess an organization's security posture and identify areas of focus to…

How to Search Billions of Logs Without Learning a New Script Language With SureLog SIEM?
SureLog is a solution that allows you to build your own search logic without learning a new script language. SureLog has many options to query logs: Immediate Search, Search Wizard, and SQL. Immediate Search: SureLog has many shortcuts to search logs. On every single report…

SureLog SIEM Federated Anomaly Detection Engine Using Classification
The next-generation detection engine of SureLog SIEM combines rule-based and ML-based techniques. SureLog utilizes machine learning models and advanced correlation rules together and dynamically updates each of them. [1] Anomaly detection via classification: anomaly detection with SureLog infers a probabilistic …

Malware Fighting with SureLog SIEM
We will show you how SureLog SIEM can effectively identify and stop malware on the host. Use case: malware dropped to a host. A URL link is received over an email; the user clicks on it and provides the required information; the user receives a…

Implementing Windows Advanced Logging Cheat Sheet with SureLog SIEM
There are many references to Windows advanced logging. [1] [2] Windows has some great built-in capabilities for detecting abuse, and SureLog implemented those references; this is the fastest way to hunt Windows endpoints. Everything is ready as reports…

SureLog SIEM Security Data Visualization Enrichment With Kibana
SureLog recently integrated with Kibana, an open-source data visualization tool that provides additional flexibility when navigating data. This allows users to create custom visualizations and interactive dashboards for greater visibility into an environment. Why Use Kibana? Kibana offers histograms, line graphs, pie charts…

Creating New Dashboards With SureLog SIEM
The SureLog application features dashboards on various security topics. Dashboards deliver monitoring and reporting metrics to track the state of security throughout the network. They are simple to configure and user-friendly, while allowing users to read a summary of…

User and Entity Profiling with SureLog
Organizations need to guard against not only outsider cyber criminals but also rogue insiders. To effectively deal with insider threats, a layered security approach leveraging both preventive and detective security controls should be in place…

Domain Generation Algorithm (DGA) Detection in SureLog
DNS is probably the best source of data for detecting an attacker's command and control activity, which can be isolated by looking at outbound DNS requests. Botnets play an important role in malware distribution and they are widely used for spreading…

Hunting Critical Process Masquerade Using SureLog SIEM
A popular technique for hiding malware running on operating systems is to give it a name that's confusingly similar to a legitimate operating system process, preferably one that is always present on all systems. Processes whose names are confusingly similar…

Hunting Malware and Viruses by Detecting Random Strings Using SureLog SIEM
There are malware tools available that can create Windows services with random service names and descriptions. An Emotet infection is an example of malicious services created on the machine. This is due to how Emotet installs itself on a machine, creating…

Detecting Top 4 Tools Used by Cyber Criminals Recently With SureLog
Cyber criminals use various malicious tools for cyber-attacks, chosen according to the target's strength, to infiltrate sensitive data; nowadays, publicly available hacking tools are increasingly the ones used by threat actors for attacks around the world. Here…

Large Scale SureLog SIEM Implementation
Today's computer networks produce a huge amount of security log data. The scalability of security event correlation has become a major concern for security analysts and IT administrators when considering complex IT infrastructures that need to handle huge amounts of security…

GDPR Use Cases
A SIEM's power is in its correlation. SureLog has advanced threat detection capabilities. SureLog combines alerts, advanced correlations, profiles, and user behavior rules to detect threats. A SIEM can also help with GDPR compliance by providing visibility into log data…