-
However, if you are looking for configuration samples and guidance on #WindowsEventIDs to collect see our new section complete with configuration samples to get started. http://bit.ly/2Rz96o7
-
Very interesting question to ask. Anyone have more ideas? "What are your most commonly excluded #WindowsEvent IDs? Setting up Event ID to a #Syslog server and I'm trying to filter out the extra fluff. What IDs are just plain unnecessary?" http://bit.ly/2tmFodZ
-
There are several ways that #WindowsGroupPolicy related logs can be acquired; Group Policy Operational logs and Security logs from #WindowsEventLog, Event Tracing for Windows (ETW) and File-based logs found in the file system. http://bit.ly/2GOkYxu pic.twitter.com/72Qw0xKFAS
-
Efficient log collection is one of the key components for a successful #SIEM deployment in this whitepaper published by @attcyber. NXLog can be integrated with #AlienVault USM for #logcollection https://cybersecurity.att.com/documentation/usm-appliance/supported-plugins/configuring-nxlog.htm … https://learn.alienvault.com/c/6-steps-to-siem-succ …
-
There are multiple ways to collect #USBauditing events with NXLog: from the #WindowsEventLog, tracing them using ETW, monitoring them in Windows Registry and reading the SetupAPI.dev.log file in the file system. http://bit.ly/2Gyl7oV pic.twitter.com/YW9oOjqu4o
-
MITRE ATT&CK for Industrial Control Systems released. ATT&CK for ICS is a knowledgebase useful for describing the actions an adversary may take while operating within an #ICSnetwork. Use NXLog to collect #logdata to help detect potential adversary tactics. https://collaborate.mitre.org/attackics/index.php/Main_Page …
-
On the /r/sysadmin thread "Securing a Windows network", a user suggests "Setup graylog or some other log consolidation tool and use nxlog on everything to start a logging repository." but see the post for the full advice for #WindowsAdmins! https://www.reddit.com/r/sysadmin/comments/ehw5oa/securing_a_windows_network/fcmjf2o/ …
-
"Security Engineering includes foundational and wide reaching strategic projects. Examples could include centralized #logging, identity, asset management of devices, policy enforcement of systems and network infrastructure [..]" by @Magoo http://bit.ly/3aCjnsr
-
On /r/Cisco: "If you are on a AD/windows environment, you should be able to use NXlog to redirect the DNS server logs over to graylog." https://www.reddit.com/r/Cisco/comments/ehnt7n/logging_dns_requests_with_asa/fckqh7x/ … -> See our Cisco ASA section at https://nxlog.co/documentation/nxlog-user-guide/cisco-asa.html …
-
Just released: A new section and sample configuration snippets to monitor for security-relevant Windows Event Log IDs. Use the im_msvistalog module available in the Community and Enterprise Editions. http://bit.ly/2Rz96o7
-
The OWASP Foundation has included "Insufficient Logging and Monitoring" in the OWASP Top 10 #APISecurity Risks 2019 list. Read the full list at http://bit.ly/38vk5pL
-
Did you know? You can configure an alarm with NXLog. Interesting thread about configuring a sound alarm but look into invoking a program using the xm_exec module http://bit.ly/3axyCTJ #datasecurity
-
The process of how you can get threat intelligence into your environment is an important component to consider for your #SIEM. Our integrations with various SIEM suites will help build a solid foundation in obtaining this intel. https://nxlog.co/integrations
-
NXLog listed in the "Migrating AIX Workloads to Azure: Approaches and Best Practices" https://techcommunity.microsoft.com/t5/azurecat/migrating-aix-workloads-to-azure-approaches-and-best-practices/ba-p/1085983 … #sysadmin
-
Very interesting post on how an attacker can go from 0 to lateral movement in 36 minutes? These indicators (i.e. from PsExec, new logins, RDP events, etc.) can actually be logged using NXLog modules such as im_msvistalog for Windows Event IDs. http://bit.ly/2T7s1bY #CyberAttack
-
"However, reality proves that security analysts are bombarded with long, manual, and time-consuming tasks preventing a speedy response. One of those major roadblocks is data does not exist or limited data is only available in cold storage[...]" http://bit.ly/37EPxRG
-
"The #datalake approach is to collect everything as-is and apply different analytics based on the questions you’ll need to answer in the future." (from Omar of @SnowflakeDB) http://bit.ly/2QT5c9h
-
"#datalakes are different because the structure of the logs does not have to be defined when data is captured." (from Omar of @SnowflakeDB) http://bit.ly/2QT5c9h
-
Yes, don't try to hunt before there is logging and #logdata collection indeed. An interesting post to read and think about to improve your #SOC team's capabilities. http://bit.ly/2QygAsl
-
Level up your NXLog admin #debugging skills with our enhanced section in the User Guide. http://bit.ly/39Wshkm