Security information event management (SIEM) software is a suite of solutions that facilitate the collection, oversight, and analysis of log data from multiple computer systems across distributed IT systems. SIEM software’s main purpose is to identify threats and report suspicious activity.
The Center for Internet Security (CIS) critical security controls (initially developed by the SANS Institute and known as SANS Critical Controls) are a list of recommended high-priority and highly effective defensive actions. These actions are the starting point for any business, enterprise, and company looking to improve their cybersecurity, and are viewed as “must-do, do-first” actions.
Watch our Recorded Interview with a MSP Discussing the Impact of COVID-19 on Service Providers and Customers
As part of StratoZen’s effort to support the MSP community during these challenging times, we hosted a live interview with one of our MSP partners. In this interview, moderated by Eric Gravett, CRO of StratoZen, Don Baham, President of Kraft Technology Group and Chris Gebhardt, VP of Operations of StratoZen, discussed the impacts of the COVID-19 pandemic on both businesses and customers.
To aid organizations in communicating common and emerging threats to users, we are providing a list of example threats that we’re watching specific to the COVID-19 outbreak.
As many companies around the country begin work-from-home policies, we’re seeing an increase in the number of cybersecurity attacks aimed at end users and end user systems. We know that many IT operations teams – both in-house enterprise teams and Service Providers – are scrambling to implement the technical capabilities and processes to enable a remote workforce.
My last post, entitled “What is SOAR and why is it important”, illustrated why SOAR is needed in the industry alongside faster maturation. If you didn’t catch that one, I’d suggest reading it first for context. With that post as the backdrop, I will now focus on how we can solve the two main issues with traditional SIEM and SOC: response time and expertise, both of which SOAR promises to solve.
Security Orchestration, Automation and Response (SOAR) has been getting a lot of attention recently. I thought it would be good to take a moment and discuss what it is and why it is important to the industry. Gartner was the first to formally define SOAR: “SOAR refers to technologies that enable organizations to collect inputs monitored by the security operations team.
Anyone in the cybersecurity field will tell you that enabling Multi-Factor Authentication is the single most important service to prevent nefarious account take-overs. While this information is true, it is also artificially imputed that with MFA enabled, password security is reduced.
It is 3:00 am and you get a call from your service provider that monitors your network for cybersecurity attacks. These are the calls you dread. The analyst tells you they are seeing a real-time MS-SQL injection attack. The attack is coming from a source in China to one of your servers.
StratoZen espouses a near-zero false positive rate of alerting in our SIEM and SOC as a service environment to our clients. That is a pretty bold statement, one challenged frequently as a result of a misunderstanding. So, what exactly is a false positive?
As I spoke with many CIOs and heads of IT at a recent financial services conference, I realized that these organizations are tired of being told that they need to change out their technology stack, replace the systems and SIEM solutions they have already invested in, or add yet another piece of agent software to the systems.
The best fabric in the world must be custom tailored by an expert to achieve the perfect fit. The Fortinet Security Fabric is a groundbreaking approach to information security, and StratoZen is the custom tailor that makes the Security Fabric fit your business.
The world of cybersecurity has had some fundamental shifts in the past few years that have made the vast majority of companies unprepared for today’s threats. The proliferated use of malware for example has dramatically reduced the intrinsic value of traditional security solutions such as firewalls, IDS/IPS, and anti-virus software.