CyberSIEM's BLOG

Linux monitoring by CyberSIEM
SIEM System

Advanced Linux threats Monitoring

In this article, we will discuss Unix/Linux's standard monitoring capabilities and present CyberSIEM's unique developments that expand and upgrade Linux monitoring capabilities. These capabilities

CSV to ActiveList
ArcSight Tools

When you want to add external information to Active Lists in ArcSight, the solution is to build a custom flex connector, parse the data, and create a pre-persistence rule that adds the information to the Active List.

ArcSight Rule Action - Telegram Message
ArcSight Tools

Every conversation with the bot has a unique Chat ID, and the bot needs this ID to know where to send the message. Of course, you can use the same bot for several conversations and send different alerts to each group.

Nested Groups in Active Directory
Use Cases

We should pay attention to every nested group that is a member of our sensitive groups, so that we know about every user who inherits these kinds of permissions.

Rules based on aggregate SUM
Guide

How to create a Data Monitor that collects the information from the last X time and sums the quantity, and how to create a rule that uses the audit events of the Data Monitor to check whether the value is more than a specific threshold.
