SIEM

SIEM content

Blog posted on 03/02/2022

Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.

Blog posted on 07/10/2021

It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.

Blog posted on 14/11/2019

Today, it is common to find a SIEM deployed in the IT infrastructures of all kinds of organisations, to monitor and analyse security alerts in applications, systems, network devices, etc. However, although time and resources are being invested in industrial environments, this remains unresolved there.

Blog posted on 31/10/2019

Honeypots: the recommended requirements for their correct implementation, the different possible types, and their evolution up to today, where they are deployed together to form a honeynet.

Blog posted on 28/06/2018

Advances in security within control systems have brought many of the security tools and services offered in IT to this environment. Until now, protection was based on reactive measures, acting only where there was evidence of an attack, but this trend changed with the deployment of monitoring and the proactive defensive actions it can provide.

Blog posted on 09/11/2017

IDS, IPS and SIEM are equipment originally designed for IT environments, but their adaptation to OT environments has been forced in recent years by a proliferation of attacks on industrial environments.