My account

Year: 2018

Uncoder.io User Guide

421

Introduction to Sigma   Sigma, created by Florian Roth and Thomas Patzke, is an open source project and initiative for creating a structured language for SIEM detection content. The concept is analogous to YARA for file-based detections, SNORT for IDS, and STIX for threat intelligence. However, Sigma takes this one step further by abstracting detection […]

Sigma Rules Guide for ArcSight

655

Introduction to Sigma Sigma, created by Florian Roth and Thomas Patzke, is an open source project to create a generic signature format for SIEM systems. The common analogy is that Sigma is the log file equivalent of what Snort is to IDS and what YARA is for file based malware detection. However, unlike Snort and […]

The Theory and Reality of SIEM ROI

616

Many things are written about SIEM, yet my personal experience with these wonderful tools began back in 2007. Today the technology itself is more than 18 years old and SIEM is by all means a mature market. Together with clients, team and partners I was privileged to actively participate in more than a hundred of […]

About a week ago we got this info from one of our partners “We are seeing phishing emails flying in our environment (Internal to Internal)” along with sharing an email sample with us. Today we’re going to analyze the recent phishing attacks targeted at Fortune 500 and Global 2000 companies dubbed “Stealthphish” aimed at compromising […]