Microsoft Sentinel – History of SIEM
SIEM technology began in the 1990s to centralise logs, evolved to real-time event analysis, and now uses machine learning for proactive threat detection.
Microsoft Sentinel requires understanding SIEM concepts and terminology including SOC, SOAR, parsing, syslog, CEF, LEEF, CTI, TAXII, and STIX. Future posts will explore these further.
A quick article on YubiKeys and how they can be a cost-effective means of improving your security.
Hacking doesn’t always need to be done with a computer; it can be done with words.
An introduction to Single Sign-On, SAML and MFA.
A ‘short’ list of acronyms I have come across since working in IT. This isn’t a full list but I will be sure to add
Read about what steps to take when an Office365 account has been compromised.
Secure your mobile devices with a combination of MDM, MAM and MTD.
Sophos Cloud Optix provides the next step that takes DevOps to DevSecOps, and provides valuable insights into which resources are compliant.
Get visibility and intelligence into how well configured your cloud resources are with Sophos Cloud Optix!