OUR BLOG

CSV to ActiveList
When you want to add external information to Active Lists in ArcSight as a solution, you have to build a custom flex connector, parse the

Active List With Dynamic TTL
Using Active Lists in ArcSight is the correct solution for managing scenarios to exclude from rules conditions. When an Active List is being created as

ArcSight Rule Action – Telegram Message
This tutorial will show you how we, in CyberSIEM, send Telegram messages from ArcSight. How does it work? In this tutorial, we will create a

Nested Groups in Active Directory
Let’s take, for example, a well-known active directory group – Administrators. Every user, group or computer that is a member of this group inherits all

Delete Multiple Cases – ArcSight Tool
Whether you mistakenly defined the rule and it opened up a lot of cases, or a large number of cases were accumulated over time, deleting

Mail impersonation – Mail phishing recognize
The security threat: Mail impersonation is one of the most popular and successful attacks today. This kind of attack can be split into two main

Rules based on aggregate SUM
Use case Example: We want to monitor in Real-time if a user sends in the last 24 Hours more than 100MB via Email. How it

Contain from Active List
Have you ever wanted to create a rule that has the ‘Contain From Active List’ condition in ArcSight? Before starting – consider the following: Be