Sentinel

This blog post kicks off a series on new challenges that we’ll be facing in coming years related to the Internet of Things (IoT)—which, simply put, means our tendency to attach everything from our cars to our socks to the global internet. This will inevitably lead to two things: you’ll have amazing access to all…

+ read more

DCorlette
By: DCorlette
Jun 23, 2015
7:54 am
Reads:
584
Score:
Unrated

Getting the raw data that caused an event in Sentinel is rather cumbersome. The script presented here will automate this process.

Norbert Klasen
Jun 3, 2015
4:34 pm
Reads:
310
Score:
Unrated

After Sentinel 7.3 was released, the Rules and Action options were changed, and it got a little trickier to set up automatic emails to notify security team members about things like login failures. Here’s how you set things up to enable a “Send Email” action to be part of routing actions.

May 27, 2015
4:10 pm
Reads:
386
Score:
Unrated

How do you know if your trusted employees are stealing sensitive data?  Companies have to allow them access to do their jobs (Utilize USB Drives, Touch File Shares etc), but need to monitor their actions. With Change Guardian and Sentinel we can detect this and give real time alerts.  In today’s example we are watching for someone…

+ read more

Nick Carstensen
Apr 3, 2015
10:35 am
Reads:
1,394
Score:
5

No organization is immune from a data breach.  The fact is, your organization probably already has been breached.  A new survey from the CyberEdge Group and NetIQ shows you just where IT teams are finding the security vulnerabilities that can lead to breaches and audit findings.  The good news is it’s not hard to find…

+ read more

Renee Bradshaw
Mar 11, 2015
6:05 am
Reads:
1,324
Score:
Unrated
This entry is part 5 of 5 in the series Sentinel Collector SDK 2014 Updates

A recent thread in the public forums, which you may have seen already, brings to light some new possibilities that I would like to cover today. So far in this series we’ve been talking about new offerings of the updated SDK and the code within; part of that development lifecycle would optimally include some…

By: ab
Feb 4, 2015
12:29 pm
Reads:
658
Score:
Unrated
This entry is part 4 of 5 in the series Sentinel Collector SDK 2014 Updates

This entry is part 4 of 5 in the series Sentinel Collector SDK 2014 UpdatesFor the past while this series has been covering some of the powerful updates present in the 2014 Preview version of the new Sentinel SDK, which is used for creating various types of Sentinel plugins (collectors, reports, solution packs, actions, etc.)…

+ read more

By: ab
Jan 28, 2015
12:51 pm
Reads:
1,349
Score:
5

Sentinel allows you to create your own detailed reports within the web interface. However, more control over the report layout may be desired. NetIQ makes the Sentinel SDK available to not only develop custom plugins, but also create custom reports. There’s quite a bit involved in customizing a report, and the whole process does take…

+ read more

Jan 22, 2015
4:11 pm
Reads:
1,497
Score:
5

NetIQ’s Sentinel product is a SIEM solution that provides the ability to capture events from any number of event sources, and of any type, into a system that normalizes the data, finds meaning in a barrage of nonsense (needle in a haystack), and includes incidents management based on custom workflows as defined by each customer….

+ read more

By: ab
Jan 21, 2015
11:50 am
Reads:
1,140
Score:
5
This entry is part 3 of 5 in the series Sentinel Collector SDK 2014 Updates

This article is part of a series of articles diving into the new functionality present in the 2014 Preview Sentinel SDK. Today I will be covering the new documentation options and what they mean for those who have developed collectors previously, as well as all of us developing collectors now and in the future.

By: ab
Jan 15, 2015
3:29 pm
Reads:
845
Score:
5