Articles by Eric

  1. Advanced DNS Analysis with ArcSight

    Mon 26 September 2016
    By Eric

    Entropy

    This is part one in a series of extending the functionality of ArcSight connectors to analyze DNS requests.

    DNS requests are a high-volume event source, but there is value in sending them to the SIEM beyond seeing which workstations are hitting giphy all day. Along the buzzwordy cyber kill …

Page 1 / 1