7MS #495: Desperately Seeking a Super SIEM for SMBs – Part 5

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.

Today we continue our SIEM/SOC evaluation series with a closer look at one particular managed solution and how it fared (very well) against a very hostile environment: the Light Pentest LITE pentesting course! Spoiler alert: this solution was able to detect:

RDP from public IPs
Password spraying
Kerberoasting
Mimikatz
Recon net commands
Hash dumping
Hits on a "honey domain admin" account
Users with non-expiring passwords
Hits on the SSH/FTP/HTTP honeypot

Tags: siem

Written by: Brian Johnson

Share on socials:

podcast

7MS #620: Securing Your Mental Health – Part 5
Continue reading
podcast

7MS #619: Tales of Pentest Pwnage – Part 56
Continue reading
podcast

7MS #618: Writing Savage Pentest Reports with Sysreptor
Continue reading

7MS #495: Desperately Seeking a Super SIEM for SMBs – Part 5

Recent Posts:

7MS #620: Securing Your Mental Health – Part 5

7MS #619: Tales of Pentest Pwnage – Part 56

7MS #618: Writing Savage Pentest Reports with Sysreptor

About Us

Services

Resources