
CYBERSIFT Changelog 12.23




As 2023 draws to a close, it's worth noting that despite the approaching year-end, our team remains committed and actively engaged in development efforts. The dedication to ongoing progress reflects our commitment to innovation and continuous improvement.

We look forward to carrying this momentum into the new year, building on the foundation of the work accomplished in 2023.

The Cybersift team has been working hard all December to keep your digital assets safe!

In our ongoing commitment to providing top-tier cybersecurity solutions, we are thrilled to announce several key updates and improvements to our SIEM & TUTELA Solutions.

SIEM Updates:


1. Alerter NiFi Parser Supports "Collated Thresholds":

This means that alerts will trigger only once a specified number of events are observed. This can help streamline alert management.

2. ManageEngine Password Manager Pro Syslog Parsers:

Syslog parsers have been added to support integration with ManageEngine Password Manager Pro. Users can refer to the provided link for configuration details.

3. Barracuda WAF Parsers:

Parsers for Barracuda Web Application Firewall (WAF) have been added, enabling SIEM integration with Barracuda WAF. Contact us if you require guidance on the integration process.


TUTELA Updates:


1. Introduction of "Tutela Severity Score":

December 2023 saw the introduction of the “Tutela Severity Score” in our dashboards. In this article and the corresponding screencast, we explain why this new score was introduced and how it helps you to manage your security risk more efficiently and effectively.

Companion Video Explainer



CVSS vs EPSS



Using EPSS and CVSS Together https://www.first.org/epss/user-guide

The EPSS Machine Learning Model https://www.first.org/epss/model

Evolution of a CVE EPSS Score over time https://www.first.org/epss/articles/log4shell

CVSS and EPSS Together




2. Addition of EPSS Score to Vulnerabilities:

EPSS (Exploit Prediction Scoring System) is now integrated into the assessment of vulnerabilities. This enhancement may provide a more comprehensive evaluation of the potential impact of identified vulnerabilities.

3. CSV Export Functions:

Users can now export data in CSV format for both EOL (End of Life) checks and ISO 27001 checks. This feature aims to facilitate data analysis and reporting.

4. Weekly Report for "Newly Flagged Suspicious Domains":

Users can now receive a weekly report summarizing newly flagged suspicious domains. This proactive reporting can aid in timely response to potential threats.

5. Update of Compliance Dashboard and Migration of Compliance Alerts Documentation:

The Compliance Dashboard has been updated, and the documentation for Compliance Alerts has been migrated to a centralized location for improved accessibility.

 


EXTRA NOTIFICATION Updates:


1. New Notification Processors for Microsoft Teams and The Hive:

Two new notification processors, Microsoft Teams and The Hive, have been introduced. This expands the range of communication channels for receiving notifications, enhancing flexibility in alert management and incident response.



And so, in December 2023, these were the top cybersecurity news stories from around the globe:
• Ukraine's Largest Mobile Operator Targeted by Russian Cyber Attack

• HTC Global Services Confirms Cyber Attack by BlackCat Ransomware Group


• Star Blizzard Spear-Phishing Campaign Linked to Russian FSB


• Phishing Surge Exploiting Adobe InDesign


• Surge in Business Email Compromise (BEC) Attacks on Law Firms


• Business Communication Risks in Popular Messaging Apps


 

We would like to thank you for your collaboration in 2023.

Here's to a more fruitful partnership in the coming year!





