SIEMDetecting account compromise with SIEM
Detecting attacks related to compromised accounts with AI and other updates in Kaspersky SIEM.
82 articles
UEBA rules in a SIEM system
Using anomalies in the behavior of users, devices, applications, and other entities to detect cyberthreats.
The hidden costs of free SIEM
While open-source projects let you build almost any infosec solution, it’s crucial to realistically assess your team’s resources and the time it would take to achieve your goals.
Hardware for SIEM systems
How to estimate what and how much hardware will be needed for a SIEM system to assess the costs before deployment?
Kaspersky SIEM: early threat detection and other improvements
Rules for detecting atypical behavior in container infrastructure at the data collection stage, and other updates to our SIEM system.
Expanding the functionality of our SIEM system
Detection of techniques for disabling or modifying a local firewall, and other enhancements to the Kaspersky Unified Monitoring and Analysis Platform.
What SIEM is and how it protects medium-sized businesses
Medium-sized businesses increasingly find themselves on the receiving end of targeted attacks. What tools does one need when basic security proves inadequate?
The evolution of the SIEM system
We’re expanding the capabilities of the Kaspersky Unified Monitoring and Analysis SIEM system by adding new normalizers and correlation rules.
How to increase the efficiency of SIEM
What’s new in Kaspersky Unified Monitoring and Analysis Platform 3.0.3.
How to reduce the load on SIEM and make good use of threat-intelligence feeds
How a threat-intelligence platform helps SOC analysts.
Teach your SIEM to detect more threats
Using the Machine-Readable Threat Intelligence Platform fits well with our general position on security: multilayeredness everywhere.
How to detect FortiCloud SSO authentication bypass
Kaspersky SIEM got a set of correlation rules for detecting attempts to exploit vulnerabilities for authentication bypass in Fortinet products.
The practical value of cyberthreat attribution
Why is it useful to attribute malware to a specific hacker group?
AIAI agents in your organization: managing the risks
The top-10 risks of deploying autonomous AI agents, and our mitigation recommendations.
Forgotten IT infrastructure: even worse than shadow IT
How to eliminate the threat posed to organizations by ownerless servers and services, outdated libraries, and insecure APIs.
embedded systemsSecuring embedded devices in 2025
Identifying threats to embedded devices, and how the updated Kaspersky Embedded Systems Security can help in tackling them?
browsersBrowser extensions: never trust, always verify
Systematic measures and tools that organizations can use to defend against malicious browser extensions.
vulnerabilitiesPrinters attacked by… fonts
We examine how popular Canon printers could become a foothold for attackers within an organization’s network.
Detecting DLL hijacking
Our experts trained an ML model to detect attempts to use DLL hijacking, and integrated it into the Kaspersky SIEM system.