Two Problems, One Solution

A few months ago I came to the conclusion that our approach to security event monitoring was flawed. Traditional alert-based systems generate low-fidelity indications of compromise and make a lot of work for SecOps triage teams. On the other hand, UEBA-based systems fare no better. If their output…

Build your own SIEM – Part II

Previously I introduced the idea of building your own UEBA system but I mainly talked about a specific data science project of mine designed to avoid the challenge of just adding risk scores to individuals or systems. In this article I want to take a step back and look at…

Sizing for SIEM

Security Information and Event Management (SIEM) is a valuable tool to give you insight into what is happening, from a security perspective, in your environment. It allows you to react to developing threats and it gives you the ability to report upwards to management in a way they can understand.…

GDPR and Security Monitoring

There seems to be a lot of confusion out there about how GDPR relates to security monitoring so I thought I’d take a moment to explain. GDPR is a wide ranging piece of legislation which was introduced to standardise data protection across EU states. In many ways GDPR was not…

How does a UEBA system work?

User and Entity Behavioural Analytics systems have changed the way organisations do security monitoring and have been responsible for detecting and thwarting some of the most major potential security breaches in the last few years. A UEBA system is often the first thing an organisation reaches for after they have…

About Us

Welcome to the home of advanced Information Security. Here you can learn about using Machine Learning and advanced analytics to improve your security environment.

In addition we will provide impartial advice about security technologies such as SIEM (Security Information and Event Management) and UEBA (User and Entity Behavioral Analysis) systems.

If you’d like help or advice on any of these subjects, or if you’d like to submit your own articles for consideration, then you can contact the site administrator through LinkedIn. Check out the Contact page for more details.
