SIEM

How and why we deploy artificial intelligence in our SIEM system.

What information does an MDR service need to protect a company from complex targeted attacks?

How to estimate what and how much hardware will be needed for a SIEM system to assess the costs before deployment?

Detection of tactics involving malicious DLL registration and other Kaspersky SIEM improvements in Q4 2024.

Rules for detecting atypical behavior in container infrastructure at the data collection stage, and other updates to our SIEM system.

Detection of techniques for disabling or modifying a local firewall, and other enhancements to the Kaspersky Unified Monitoring and Analysis Platform.

Medium-sized businesses increasingly find themselves on the receiving end of targeted attacks. What tools does one need when basic security proves inadequate?

We’re expanding the capabilities of the Kaspersky Unified Monitoring and Analysis SIEM system by adding new normalizers and correlation rules.

What’s new in Kaspersky Unified Monitoring and Analysis Platform 3.0.3.

What are the most common MITRE ATT&CK techniques encountered in real-world incidents — and how to neutralize them? We investigate using statistics from Incident Response and MDR services!

To go undetected, attackers can operate in your network without any malware at all. How to detect them and prevent damage?

Mistakes commonly found in almost every large organization. What should the inforsec team look out for, and what protective measures should they take?

What tasks needlessly overload infosec experts, and how to break the curse of overtime.

APT operators are showing increasing interest in mobile devices. Our experts have studied one of their tools.

To protect themselves, businesses need to take a proactive approach, constantly adapting their security controls to the ever-changing threat environment.

Using the Machine-Readable Threat Intelligence Platform fits well with our general position on security: multilayeredness everywhere.