Recently I was asked if #sigma rules are supported by #syslog_ng:
https://github.com/SigmaHQ/sigma
syslog-ng has message parsing, filtering, can be used for alerting. But I'm not aware of a tool turning Sigma rules into PatternDB and syslog-ng.conf
Syslog-ng can send logs to #splunk, #elastic stack, @OpenSearchProj, @Graylog, all which already have #sigma rules integrations.
Of course many users use/abuse syslog-ng as a kind of #SIEM-lite.
If you already use syslog-ng with #Sigma rules: let me know!
#sigma #syslog_ng #splunk #elastic #siem
A few weeks ago I set up #Wazuh as per #NetworkChuck 's #youtube video. So far it's been pretty interesting to see what's going on in and outside of my network. Definitely completely SILENCED a massive ginormous ssh attack that I didn't even notice and hadn't secured against (rip); good thing my passwords are stupid long. Much more fun to do! #cybersecurity #tech #SIEM #security #IT #hacking
What is Security Onion, an #opensource Intrusion Detection System #IDS Tool 👇️💡️
https://cybersecuritynews.com/security-onion/
#cybersecurity #siem #logs #monitoring
I’m about $300 away from my goal of purchasing a new #pfsense firewall. Once I transfer everything to the new firewall I will try and do a #twitch stream setting up a firewall from scratch using my cell backup internet. Then once I run through that for y’all I will wipe it clean and make the current box a @grafana and #SIEM box using #Wazuh probably.
So if you want to help out please tip me in my links or subscribe on #tiktok or twitch #streamer #linux #opensource #cybersecurity #infosec
"EDR is to NGAV, what XDR is to SIEM"
Secureworks Chief Product Officer shares insight on the advanced correlation and stitching of data that XDR allows for, as it widely replaces SIEM investments.
Watch the full video: https://youtu.be/UuT_T1DiIkY
#SIEM #XDR #cybersecurity
Did you know Bitwarden has an official Splunk app? Use it to add #SIEM protection to Bitwarden accounts and the credentials within! https://bitwarden.com/blog/using-splunk-with-bitwarden-password-manager/
#siem #cybersecurity #security #passwordsecurity #passwordmanager
Has anyone already married #wazuh, #thehive, #cortex and #misp together?
These are brilliant open-source projects for a SIEM / SOC concept.
I would be glad to exchange know-how.
#SOC #SIEM #wazuh #misp #thehive #cortex #malware #security #opensource #linux
By the end of this article, you will have the knowledge and skills needed to make updates to your Sumo Logic collectors programmatically.
I hope that helps! 😊
#SumoLogic #LogMonitoring #SIEM #CyberSecurity #InfoSec #BlueTeam #SOC
https://loggar.hashnode.dev/updating-a-sumo-logic-collector-using-the-api
Here's my new article about how to implement a simple File Integrity Monitoring for @SumoLogic
Hope it helps! 😉
#cybersecurity #infosec #PCIDSS #compliance #BlueTeam #SOC #SumoLogic #FIM #SIEM
Today in our #EverythingOpen redux, we present @ctudball, who takes us on a tour of how the #InfoSec landscape has changed, the move to #ZeroTrust, #OpenStandards efforts, and the advent of #OCSF - a standard #taxonomy for representing #SIEM events, and the platform-agnostic @opentelemetry.
How would you explain the problem of running multiple different #SIEM solutions to executives? Give me some good analogies they can understand.
A new blog post 📝 AWS in French 🇫🇷: using Amazon OpenSearch for SIEM
Anyone else read a lot of #marketing #buzzwords in here? #ZeroTust also makes me think that they may have had a very open model and that is why #russia was able to take them down. #caveat - I still need to read the #viasat hack lesson learned. I mean all I read here is a #SIEM was introduced. https://spacenews.com/viasat-deploying-zero-trust-cybersecurity-across-global-network/
"Creating and maintaining 'good' policies will allow your organization to see the most impact on adjudicating concerning violations, while dismissing the non-concerning alerts. What data source an event comes from and how it's monitored affect the quality of the signal. Having the broad knowledge base of a cloud-based Next-Generation Security Information and Event Management (Next-Gen #SIEM) can reveal more than trying to work in isolation." Read the report:
https://www.securonix.com/resources/quantifying-siem-effectiveness/
#infosecurity #cybersecurity
"What is surprising about this chart is not necessarily the fact that as an organization adds more data sources that it deploys more policies, but rather that the number of those policies grows exponentially." Download the Report: https://lnkd.in/e4ruMfwr #infosec #cybersecurity #SIEM
OMG, @datadoghq wins at #siem blogging. They are naming names! @anton_chuvakin, you'll like this.
"A list of vendors that don’t prioritize high-quality, widely-available audit logs for security and operations teams."
#siem #datadog #infosec #audit #auditlogs
"Debating #SIEM in 2023, Part 1" https://medium.com/anton-on-security/debating-siem-in-2023-part-1-992bfe095334 <- a discussion of SIEM relevance in 2023, its challenges, use cases and other fun stuff (ducks? lakes?)
Do you want to read a relatively fun blog about #SIEM? Probably not, but here it is anyway: https://medium.com/anton-on-security/debating-siem-in-2023-part-1-992bfe095334 :-)