All articles

ALL SIEM STRATEGY SECURITY ANNOUNCEMENT DEPLOYMENT COMPLIANCE COMPARISON RSS

May 9, 2023

BROP attacks - What is it and how to defend yourself?

Have you ever locked yourself out of your car? After calling for roadside service, your tow truck driver forces the internal locking mechanism open with a slim-jim. Car thieves quickly discovered this technique and began using it to steal cars. Digital thieves have devised a similar attack called a Blind Return-Oriented Programming (Blind ROP, or just BROP) attack. It’s as quiet as a jackhammer on cement, but an attacker can open a remote shell and gain remote code execution on your server if the conditions are right.

May 2, 2023

CISO starter pack - Security Policy

The three characteristics your data must possess at all times, as dictated by your IT Security Policy, are: It must be confidential It must be available and It must not have any unauthorized modifications Your log policy will only be as good as the IT Security policy infrastructure behind it. And as much as we love talking about logs, that’s part of a more considerable general discussion about security policies.

April 24, 2023

Announcing NXLog Enterprise Edition 5.8

We are proud to announce the latest release of NXLog Enterprise Edition, version 5.8. Our newest release includes new modules, better integrations, and additional metrics to collect across your organization. Read on to find out more about some of these new features. Native Salesforce module We’ve built a new native module (im_salesforce) for ingesting logs from Salesforce. With this, you no longer have to run an external Python-based Add-On script.

April 21, 2023

Our customers asked - Execution of powershell scripts inside NXLog Exec modules

PowerShell scripts can be used with NXLog for generating, processing, and forwarding logs, as well as for generating configuration content. In this article, we will take a look at how to execute PowerShell directly from NXLog. You can run a PowerShell script in multiple NXLog instances without using any PowerShell script file, and is achievable through having the script code directly in NXLog’s exec modules. This is ideal because if you need to make any change to the script, it’s easier to modify just the NXLog module rather than change the script on every computer used.

April 20, 2023

Announcing NXLog Community Edition 3.2

We’re glad to announce the latest release of NXLog Community Edition. This release mainly fixes an issue where the file_name() function returns an unknown error. We’ve also stopped officially supporting the Android mobile operating system. Get in touch with our team if you have any questions, or request a free trial of our flagship log collection solution, NXLog Enterprise Edition, below. NXLog Platform is an on-premises solution for centralized log management with versatile processing forming the backbone of security monitoring.

April 13, 2023

MFA Fatigue - What it is, and how to combat it

A multi-factor authentication (MFA) fatigue attack is a form of a social engineering cyberattack strategy where attackers repeatedly try to make second-factor authentication requests to the target’s email, phone, or other registered devices to gain access to the system. You may also hear about MFA Fatigue attack as MFA Bombing, 2FA fatigue, MFA push spam, MFA Spamming, or prompt bombing. Technology administrators are always playing a never-ending battle of cat and mouse when it comes to threat actors.

April 3, 2023

CISO starter pack - Log collection fundamentals

Log collection is essential to managing an IT department because it allows administrators to research historical events throughout a network. Therefore, it’s critical to understand a few key points about collecting logs; the why, and what. We’ll look at a few specific examples of collecting log events efficiently, like incorporating threat modeling to enhance our collection. Implementing log collection policies and procedures is as fun as watching anti-phishing videos. But at the end of the day, the effort put in at the beginning will be worth it.

March 9, 2023

Raijin announces release of version 1.0

Raijin has announced the release of version 1.0 of its powerful schemaless SQL database engine, furthering its goal of "solving schema rigidity" in modern databases. Many new features have been added to this version 1.0 milestone release. Let’s take a look at some of the headline features. The power of SQL without the drawbacks SQL has been the titan of database query languages for decades, and it is still ubiquitous the world over.

February 20, 2023

Our customers asked - Collecting Windows DNS resolved address with NXLog

Windows DNS Server log collection is essential yet complex, primarily because Windows DNS Server provides logs in various places in different forms containing a vast amount of information. Nevertheless, we all know that DNS Server log collection is paramount in IT security. Getting it right can be challenging. The Windows DNS Server section in the NXLog user guide offers a comprehensive guide on collecting log records from a Windows DNS Server.

February 13, 2023

Avoid vendor lock-in and declare SIEM independence

The global Security Information and Event Management (SIEM) market is big business. In 2022, it was valued at $5.2 billion, with analysts projecting that it will reach $8.5 billion dollars within five years. It’s a highly consolidated market dominated by a few major players in the information security field. They want your business, and they don’t want to lose it. As companies ship more and more data to their respective solutions and make use of more and more features, they become specialized and dependent on a vendor.

All articles

Featured posts

Categories

All articles

Sign up

Featured posts

Categories