Persistence is effectively the ability of the attacker to maintain access to a compromised host through intermittent network access, system reboots, and (to a certain degree) remediation activities.
It just gets better and better! We are extremely excited to share the latest release of the JASK cloud-native SIEM.
There have always been some common themes when it comes to SIEM content creation and the management of it: it is complex, requires the right skills and is not being done by many organizations.
This week at JASK, we introduced templated rules to our customers. Templated rules make it easy for customers to create a single rule for a data source that has multiple event types.
In this post, we will cover how to use the JASK API to identify gaps in rule coverage.
How to expand the funnel by customizing workflow inside the JASK platform and pulling the additional metrics via API.
Almost anyone who has spent time around SIEM and security operations has seen a security event management funnel.