The SIEM 4th Dimension – Timestamp: Unlocking the Secrets of SIEM Log Timestamps
When dealing with timestamps in SIEM logs, it is crucial to understand the origin and context of each specific timestamp. In SIEM events, multiple timestamps can be encountered, including: 1. End Time – The moment when the event indeed took place. 2. Device Receipt Time – The point when the device obtained the event from […]
Demystifying SIEM Log Collection and Parsing: What You Need to Know
Introduction: Security Information and Event Management (SIEM) systems play a crucial role in organizations’ cybersecurity efforts. They collect, analyze, and correlate logs from various sources to detect and respond to security incidents. In this article, we’ll explore the process of gathering logs from diverse sources for a SIEM system, the importance of log parsing, and […]
“It’s good to be the king” – is that so?
How to use a grid field
In this post, our SOAR expert, Mr. Ben Aviv, will demonstrate how to use a grid field in XSOAR (Demisto).
How to prevent your SIEM from being blind
We should pay attention to each and every nested group that is a member of our sensitive groups, to ensure that we will know about every user that inherits these kinds of permissions.