SecurityTrails Blog

Security Information and Event Management (SIEM): History, Definition, Capabilities and Limitations
SecurityTrails Blog · Sep 23 2021 · by Sara Jelen

Security information and event management (SIEM) began as a tool for helping organizations achieve and maintain compliance, and rapidly evolved into an advanced threat detection practice. SIEM has empowered incident response and security operations center (SOC) analysts, as well as a myriad of other security teams, to detect and respond to security incidents.

The 10 Largest Data Breaches and Leaks: Overview, Impact and Settlements
SecurityTrails Blog · Sep 14 2021 · by Sara Jelen

Today, every company holds some sensitive information that can be of value to malicious actors. To say that we now see cyber attacks and data breaches happen routinely would be an understatement. We're hit almost weekly with news about attacks crippling entire fuel pipelines, exposing government and largest-enterprise networks to attackers, and putting personal information belonging to billions of people all around the world up for sale on the dark web.

Best Cybercrime Investigation and Digital Forensics Courses and Certifications
SecurityTrails Blog · Aug 31 2021 · by Sara Jelen

Cyber criminals target networks in the private and public sector every day, and their threat is growing. Cyber attacks are becoming more common and more menacing, and in the public sector they can compromise public services and put sensitive data at risk. It happens all the time in the private sector too: companies are attacked for trade secrets, customer information and other confidential details. Individuals aren't spared either and are falling victim to identity theft, fraud and various other types of cybercrime.

Blast Radius: Mapping, Controlling, and Exploiting Dynamic Self-Registration Services
SecurityTrails Blog · Aug 24 2021 · by Ken Pyle

Vendors such as Datto, GeoVision, Synology and others leverage and depend on self-registered services for their products. These devices frequently leak critical data or have insecure designs, unintentional or even intentional design decisions, and application flaws. Because of insecure network design and installation practices, along with insecure vendor, software and integrator practices, they can be easily mapped, discovered and attacked by cyber criminals.