Setting up IBM Resilient on a standalone VM Prerequisites: Before installing and using the Resilient server, users will need a PC (Host Machine, not a VM) with 16+ GB of RAM. We have tested on Ubuntu Linux 20.04 LTS,
Create an AMI from ova file using AWS-Cli for Splunk-SOAR (Phantom) In the following article, we'll walk you through creating an IAM for Splunk-SOAR from an ova file using Amazon Web Services. Create an IAM user. Log in to the AWS account. Go
Enhancing the Security of Wireless IoT Devices with the NAC platform and IoT Cloud Management Service Provider Wireless IoT devices have become ubiquitous in industries ranging from healthcare to manufacturing to retail. However, effectively managing and securing these devices can be challenging, especially when they are deployed
Integrating OT & IoT Security with Splunk: An Application Case Study Description At Metron, we were tasked with building a Splunk Enterprise application that could integrate with a leading OT & IoT Security App. Learn about the process here. At Metron,
How to Set Up QRadar on Amazon EC2 For Development Purposes The following guide outlines the steps needed to set up QRadar on AWS for development purposes.
Useful Integrations Add-Ons for XSOAR: Fetching Credentials Fetching credentials is a crucial aspect of the management and sharing of credentials, which are used to authenticate and authorize access to resources.
How to Set Up ArcSight on EC2 [2023 Walkthrough] The following article will provide step-by-step guidelines for setting up ArcSight Logger on EC2.
XSOAR: An Overview of Trends to Keep an Eye on in 2023 This article focuses on the trends in XSOAR that readers who are familiar with the platform will likely find helpful for the coming year.
XSOAR Debugging Solutions for Common Problems [Part 1] In the post below, we have outlined some of the common issues we’ve come across among our XSOAR users.
Metron Security Completes Service Organization Control (SOC) 2 Type 1 Audit [Novato, California] -- Metron Security, a leading integration partner for some of the world's leading and fastest-growing security companies and managed security providers (MSSPs), has announced its successful completion of
Splunk SOAR (Formerly Phantom): Installation with an OVA and a tarball file This guide explains how to get started with installing Splunk SOAR for your security ecosystem.
How to Update Your ServiceNow App from one Instance To another Instance This article walks through the steps needed to update/deploy your ServiceNow app into a QA Instance. To do so, we will be using the Development instance as the source.
XDR ChatGPT: How did it respond to our questions about XDRs? We're living in an exciting time where machine learning is concerned. Tools such as Midjourney which generate art based on a user prompt have recently made headlines for winning top
Common Test Cases for Integrations Between a SIEM/SOAR with EDRs and XDRs The goal of this article is to help users understand how data flows when we configure an integration.
Understanding Cortex XSOAR Integrations and Use Cases Cortex XSOAR is designed to accommodate integrations whether it be from a custom solution or through the tools available in the app.
Installing IBM QRadar Community Edition locally IBM Security QRadar Community Edition (CE) is a free and full-featured - albeit lighter - version of QRadar based on version V7.3.3. This edition is also specifically designed for students, app developers, and security professionals in need of a testing environment
Cortex XSOAR: Common Troubleshooting Tips and Suggestions In this post we detail a few of the common ways you can troubleshoot issues with your Cortex XSOAR application.
How to Fetch Logs in Your IBM Security QRadar SOAR Platform Logs can be retrieved for troubleshooting in IBM QRadar SOAR as needed and outlined in the steps below.
2 Ways to Fetch Logs in IBM QRadar in 2022 QRadar is IBM's premier enterprise security information and event management (SIEM) product. As a network security management platform, it collects data from your network devices, host activities, operating systems (OS)
Cortex XSOAR Marketplace: What to Expect for Your Integration Needs Cortex XSOAR, as the name suggests, is a security orchestration, automation, and response (SOAR) platform. It aims to be used as a comprehensive, unified platform that aggregates the various functions
What is a Splunk Integration? Definition and Use-Cases Splunk as a SIEM Splunk is a data-driven SIEM tool that specialises in indexing and retrieving log files from your systems while also providing additional layers of observational intelligence. Out
Splunk Enterprise 9.0 Release is Now Available Splunk Enterprise is a frequently used app by SOCs that allows users to collect, analyse, and visualise the components of their business or IT structure. By aggregating the data from
Data Enrichment and Security: Two Use Cases for Application Logs In this post, we'll focus on two use cases that can help improve your team's response time when reviewing application logs.
Data Enrichment: Setting Security Goals for Your Organisation Why are security operators turning towards data enrichment and the ways to automate the process more than ever before?
Cybersecurity Experts: Why Automation Matters on the Job As talented as your security operations team may be, the best way to empower them is through automation.