Every time I think I'm pronouncing #SIEM correctly, I hear it pronounced the other way and I doubt myself. Is it "seem" or "sim", or is it just preference? #cybersecurity
Had a meeting with #Datadog last week about their #SIEM option and they were showing how we can gather information from #InfoSec Twitter with IoCs and such information discovered. I interjected and said basically, "With InfoSec Twitter pretty much dead, can we use Mastodon if we just set up our own API connections?" They said that's of no issue. So yes, #Mastodon will be a source of information we can analyze, and no, it will not be running off this server. #Cybersecurity #OpenSource
There is a new remote code execution vulnerability in Splunk that has been recently disclosed. It has a CVSS score of 8.8/10 and is currently tracked as CVE-2023-46214.
Looking for some help, my company might not be able to fully patch CVE-2023-4863 aka BLASTPASS for a few days. Does anyone know a way of detecting exploitation of this through Splunk? Can you see it in web server logs? Next-gen firewall? WAF? I’m not seeing much info online about how to detect the exploitation.
I’m about $300 away from my goal of purchasing a new #pfsense firewall. Once I transfer everything to the new firewall I will try and do a #twitch stream setting up a firewall from scratch using my cell backup internet. Then once I run through that for y’all I will wipe it clean and make the current box a @grafana and #SIEM box using #Wazuh probably.
Episode 125 "Will #SIEM Ever Die: SIEM Lessons from the Past for the Future" of Cloud Security Podcast where hosts Anton Chuvakin and Timothy Peacock interview David Swift at Netenrich, Inc. about that eternal theme: SIEM