Kaspersky SIEM: early threat detection and other improvements
Rules for detecting atypical behavior in container infrastructure at the data collection stage, and other updates to our SIEM system.
13 articles
Detection of techniques for disabling or modifying a local firewall, and other enhancements to the Kaspersky Unified Monitoring and Analysis Platform.
Medium-sized businesses increasingly find themselves on the receiving end of targeted attacks. What tools does one need when basic security proves inadequate?
We’re expanding the capabilities of the Kaspersky Unified Monitoring and Analysis SIEM system by adding new normalizers and correlation rules.
What’s new in Kaspersky Unified Monitoring and Analysis Platform 3.0.3.
What are the most common MITRE ATT&CK techniques encountered in real-world incidents — and how to neutralize them? We investigate using statistics from Incident Response and MDR services!
To go undetected, attackers can operate in your network without any malware at all. How to detect them and prevent damage?
Mistakes commonly found in almost every large organization. What should the infosec team look out for, and what protective measures should they take?
What tasks needlessly overload infosec experts, and how to break the curse of overtime.
APT operators are showing increasing interest in mobile devices. Our experts have studied one of their tools.
To protect themselves, businesses need to take a proactive approach, constantly adapting their security controls to the ever-changing threat environment.
Using the Machine-Readable Threat Intelligence Platform fits well with our general position on security: multilayeredness everywhere.