SIEMKaspersky SIEM: early threat detection and other improvements
Rules for detecting atypical behavior in container infrastructure at the data collection stage, and other updates to our SIEM system.
57 articles
Expanding the functionality of our SIEM system
Detection of techniques for disabling or modifying a local firewall, and other enhancements to the Kaspersky Unified Monitoring and Analysis Platform.
What SIEM is and how it protects medium-sized businesses
Medium-sized businesses increasingly find themselves on the receiving end of targeted attacks. What tools does one need when basic security proves inadequate?
The evolution of the SIEM system
We’re expanding the capabilities of the Kaspersky Unified Monitoring and Analysis SIEM system by adding new normalizers and correlation rules.
How to increase the efficiency of SIEM
What’s new in Kaspersky Unified Monitoring and Analysis Platform 3.0.3.
How to reduce the load on SIEM and make good use of threat-intelligence feeds
How a threat-intelligence platform helps SOC analysts.
Teach your SIEM to detect more threats
Using the Machine-Readable Threat Intelligence Platform fits well with our general position on security: multilayeredness everywhere.
AIWill AI replace SOC analysts?
We share our experience on the optimal use of AI models in the SOC of our Kaspersky MDR service.
artificial intelligenceAI in cybersecurity automation
AI has dozens of applications in cybersecurity. Which ones are the most effective?
Kaspersky AI Technology Research Center: who we are and what we do
Our developments, products, research, patents and expert teams harnessed for AI.
office
How to guard against Windows downgrade attacks
Windows Downdate is an attack that can roll back updates to your OS to reintroduce vulnerabilities and allow attackers to take full control of your system. How to mitigate the risk?
vulnerabilitiesWhich devices on your network are most vulnerable?
How to protect the less obvious parts of your IT infrastructure (and from what) — from printers and video surveillance kit to insulin pumps.
How the adversary-in-the-middle technique is used in spearphishing attacks
Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?
How to prepare corporate cybersecurity for all-seeing AI assistants
Although Microsoft has radically revised the rollout plan for its controversial Recall feature, cybersecurity teams can’t afford to ignore the issue of “AI onlookers.
Kaspersky Expertise Centers
Today we talk about our five main centers of expertise and their contribution to Kaspersky’s products, threat intelligence and expert cybersecurity services.
Hidden dangers of biometric authentication devices
Based on our analysis of ZKTeco vulnerabilities, we dissect the risks associated with biometric authentication.
Exploited vulnerabilities in 2023 and 2024
Today we discuss which services and applications should be patched first, and what attackers are focusing on.
Top 10 cyberattack techniques used against organizations
What are the most common MITRE ATT&CK techniques encountered in real-world incidents — and how to neutralize them? We investigate using statistics from Incident Response and MDR services!
The Bad Batch: Tantiss base security
Cybersecurity measures of Tantiss base as depicted in the third season of “Star Wars: The Bad Batch”