SOAR for Controlled Response SOAR is often described in broad terms: orchestration, automation, response, integration. That is true, but it can also feel vague. A simpler way to explain it is this: SOAR helps a SOC turn a decision into action without repeating the same manual steps every time. This matters most when the action…
Read MoreElastiFlow collects NetFlow data from networks, such as NetFlow, sFlow, or IPFIX. This data can be sent by routers, switches, probes and other devices. The ElastiFlow Engine then processes this data and optimizes its normalization before writing it to a database such as Elasticsearch. What makes ElastiFlow particularly interesting is that it is well suited…
Read MoreWith Elastic Observability we can create alerts on all data we collect, such as logs, metrics, application services and synthetic monitoring. However, NetEye represents the main operational console from which to monitor the entire infrastructure. By sending alarms from Elastic Observability to NetEye via Tornado, we can also bring this information into the NetEye console,…
Read MoreWhy a Purple Team Program Makes Cybersecurity More Effective In today’s cybersecurity landscape, having defensive tools in place is no longer enough. Firewalls, SIEM platforms, detection rules, playbooks, and threat intelligence feeds are all essential components, but the real question is this: how well do they actually perform under realistic attack conditions? This is where…
Read MoreImportant: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the glpi packages is now available for NetEye 4. Security Fix for NetEye 4.47 Summary The vulnerabilities include two Stored XSS, an Arbitrary file deletion, an Arbitrary item deletion, Arbitrary files access and two unauthorized actions….
Read MoreWelcome back to our continuing series on budget-friendly methods for making video tutorials. With today’s post I’m going to start a 3-parter on Teleprompters. I’ve previously described Teleprompter hardware and setup, but today I want to talk more about usage recommendations now that I’ve been using one for several years. Also remember that a teleprompter…
Read MoreNode export in the Tornado Processing Tree was broken on Firefox The bug was caused by a divergence between Firefox and Chrome in blob handling with CSP. Issue resolved, behavior is now consistent across both browsers. List of updated packages To solve the issues mentioned above, the following packages have been updated: icingaweb2-module-tornado-3.2.3-1, icingaweb2-module-tornado-autosetup-3.2.3-1, icingaweb2-module-tornado-configurator-3.2.3-1
Read MoreThere is a technology inside modern Linux systems that: It can do all of this (and much more) without the need of kernel modules;that technology is eBPF. The aim of this article is to provide an overview of the technology, present several use cases, and address potential misuse from an offensive security perspective. A Bit…
Read MoreProcessing Tree Rendering Issue We shipped a fix for a rendering bug in the Tornado UI Processing Tree. Under specific conditions, navigating back to the dashboard after expanding tree nodes caused the tree to render incorrectly nodes would appear collapsed, misaligned, or in a broken state. List of updated packages To solve the issues mentioned…
Read MoreRole Search Now Works in Access Control We’ve fixed the search functionality in the Roles view under Configuration – Access Control, so you can now find roles instantly without any errors. List of updated packages To solve the issues mentioned above, the following packages have been updated: icingaweb2-2.12.4_neteye1.155.2-1, icingaweb2-autosetup-2.12.4_neteye1.155.2-1 icingaweb2-configurator-2.12.4_neteye1.155.2-1
Read MoreImportant: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the elastic stack packages are now available for NetEye 4, with a special focus on Kibana and Logstash. Security Fix for NetEye 4.47 Summary There are several patched vulnerabilities: For details on how to apply…
Read MoreIntroduction Every few years (3-5) once your Hardware Guaranty expires, it’s time again to migrate your productive NetEye Server from the old Hardware to the new. This is a procedure that has to be done regularly, but unfortunately no “How To” documentation can be found for it. So today I’ll try to explain in a…
Read MoreFix MariaDB restarts after mariadb-server-galera version 10.11.15 We have resolved an issue that caused MariaDB to fail during restart operations after Red Hat repositories published mariadb-server-galera version 10.11.15. The issue could occur in the following cases: List of updated packages To solve the issues mentioned above, the following packages have been updated:
Read MoreRunning Ollama locally or on dedicated hardware is straightforward until you need to know whether a model is actually loaded in RAM, how fast it generates tokens under load, or when memory consumption reaches a threshold that affects other workloads. A simple TCP port check confirms the process is alive, nothing more. This tutorial shows…
Read MoreImportant: Grafana security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the grafana packages is now available for NetEye 4. Security Fix for NetEye 4.46 Summary There are several patched vulnerabilities. For details on how to apply this update, which includes the changes described in this advisory,…
Read More