Kaspersky SIEM: early threat detection and other improvements
Rules for detecting atypical behavior in container infrastructure at the data collection stage, and other updates to our SIEM system.
58 articles
Rules for detecting atypical behavior in container infrastructure at the data collection stage, and other updates to our SIEM system.
Detection of techniques for disabling or modifying a local firewall, and other enhancements to the Kaspersky Unified Monitoring and Analysis Platform.
Medium-sized businesses increasingly find themselves on the receiving end of targeted attacks. What tools does one need when basic security proves inadequate?
We’re expanding the capabilities of the Kaspersky Unified Monitoring and Analysis SIEM system by adding new normalizers and correlation rules.
What’s new in Kaspersky Unified Monitoring and Analysis Platform 3.0.3.
How a threat-intelligence platform helps SOC analysts.
Using the Machine-Readable Threat Intelligence Platform fits well with our general position on security: multilayeredness everywhere.
Analyzing incidents and drawing lessons from them should be an integral part of the incident response process. This can help improve the overall security level of a company.
We share our experience on the optimal use of AI models in the SOC of our Kaspersky MDR service.
AI has dozens of applications in cybersecurity. Which ones are the most effective?
Our developments, products, research, patents and expert teams harnessed for AI.
Windows Downdate is an attack that can roll back updates to your OS to reintroduce vulnerabilities and allow attackers to take full control of your system. How to mitigate the risk?
How to protect the less obvious parts of your IT infrastructure (and from what) — from printers and video surveillance kit to insulin pumps.
Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?
Although Microsoft has radically revised the rollout plan for its controversial Recall feature, cybersecurity teams can’t afford to ignore the issue of “AI onlookers.
Today we talk about our five main centers of expertise and their contribution to Kaspersky’s products, threat intelligence and expert cybersecurity services.
Based on our analysis of ZKTeco vulnerabilities, we dissect the risks associated with biometric authentication.
Today we discuss which services and applications should be patched first, and what attackers are focusing on.
What are the most common MITRE ATT&CK techniques encountered in real-world incidents — and how to neutralize them? We investigate using statistics from Incident Response and MDR services!