Get started

Network threat detection

• How can SIEM and SOAR software work together?

  Many security pros initially thought SOAR software could replace SIEM. Our security expert advocates learning how SIEM and SOAR can work together. Continue Reading

• SOAR vs. SIEM: What's the difference?

  When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data. Continue Reading

• The future of SIEM: What needs to change for it to stay relevant?

  Compared to security orchestration, automation and response (SOAR) software, SIEM systems are dated. Expert Andrew Froehlich explains how SIEM needs to adapt to keep up. Continue Reading

• information security (infosec)

  Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Continue Reading

• sandbox (computer security)

  A sandbox is an isolated testing environment that enables users to run programs or execute files without affecting the application, system or platform on which they run. Continue Reading

• Definitions to Get Started

  • information security (infosec)
  • sandbox (computer security)
  • IP Spoofing
  • honeypot (computing)

  • unified threat management (UTM)
  • security information and event management (SIEM)
  • domain fluxing

  View All Definitions

• 5 actionable deception-tech steps to take to fight hackers

  Consider taking these five 'deceptive' steps to make your detection and response capabilities speedier, more effective and to improve your company's security posture.Continue Reading

• IP Spoofing

  IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.Continue Reading

• honeypot (computing)

  A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.Continue Reading

• SIEM evaluation criteria: Choosing the right SIEM products

  Establishing solid SIEM evaluation criteria and applying them to an organization's business needs goes far when selecting the right SIEM products. Here are the questions to ask.Continue Reading

• SIEM benefits include efficient incident response, compliance

  SIEM tools enable centralized reporting, which is just one of the many SIEM benefits. Others include real-time incident response, as well as insight for compliance reporting.Continue Reading

• A comprehensive guide to SIEM products

  Expert Karen Scarfone examines security information and event management systems and explains why SIEM systems and SIEM products are crucial for enterprise security.Continue Reading

• AI and machine learning in network security advance detection

  Applying AI, and specifically machine learning, in network security helps protect enterprises against advanced persistent threats and sophisticated cybercriminals.Continue Reading

• unified threat management (UTM)

  A unified threat management (UTM) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and ...Continue Reading

• security information and event management (SIEM)

  Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of organization’s information technology (IT) security. Continue Reading

• Five questions to ask before purchasing NAC products

  Organizations are recognizing the need for network access control systems, but it is important to evaluate and perform research before you invest in enterprise NAC products.Continue Reading