Featured Use Case: Why a Large US Utility Company Turned to MixMode to Address Utility Grid Vulnerabilities

A large utility company approached MixMode with the following scenario: The enterprise SOC was using a shared SIEM application that was also used by several other stakeholders: the networking team, the SCADA team, ...
Introducing the Cloud Sensor for GCP

By Vijit Nair, Sr. Director, Product Management, Corelight. Visibility is paramount in securing your cloud environment – as the adage goes, you cannot protect what you do not see. However, comprehensive visibility ...

Combat Alert Fatigue

Improve Productivity of Your SOC Personnel Through Menlo iSOC. I get it—it’s been a hard year for the cybersecurity industry. Covid-19 pushed users from a safe, central, hardened data center out to ...

Featured Use Case: Why a Large Government Entity Replaced Their SIEM with MixMode

Despite a three-year SIEM deployment and a two-year UBA deployment, government personnel needed an alternative to better detect and manage threats in real-time, as well as an improved platform for gathering comprehensive ...
How Vendors Capitalize on SIEM’s Fundamental Flaws

Because the fundamental nature of SIEM requires infinite amounts of data, security teams are forced to constantly wrangle their network data and are faced with an unmanageable number of false-positive alerts. This ...

The Case Against Using a Frankenstein Cybersecurity Platform

The cybersecurity market has, simply put, been cobbled together. A tangled web of non-integrated systems and alerts from siloed systems. Enterprises are now being forced to utilize a “Frankenstein” of stitched together ...

Sooty – A SOC Analysts Tool – Part I

Sooty is a SOC analysts tool that would also work well for an individual intrusion analyst. It's available at https://github.com/TheresAFewConors/Sooty. I've installed it on a Fedora test box at my day job; I'm ...
Improving on the Typical SIEM Model

Despite its inherent flaws, today’s SIEM software solutions still shine when it comes to searching and investigating log data. One effective, comprehensive approach to network security pairs the best parts of SIEM ...

Pandemic Pushes Security Analysts to the Brink

Even when times are good, security analysts working in Security Operations Centers (SOCs) are up against it. They must stay on top of a rising tide of ever-changing threats, knowing all the ...

Webinar Recap: The Failed Promises of SIEM

MixMode teamed up with Ravenii to host a webinar focused on the history and evolution of SIEM platforms, their ideal role in a SOC today, and how they fall short as a ...