min-width: mobile
min-width: 400px
min-width: 550px
min-width: 750px
min-width: 1000px
min-width: 1200px
NOTICE We have updated our Privacy Policy to include GDPR and the use of cookies. Click "Accept" to continue. ACCEPT

Blog & News

Using Jack Crook’s log analysis concepts with Sagan

Posted by Champ Clark on January 07, 2018

* Note:  This blog was updated Jan 30th, 2018.   We've updated some of the rules after testing in produciton enviroments.  Rules that do not have updates are considered stable and already providing value. 

Several months ago I started following a fellow "log junkie" on Twitter named Jack Crook (Twitter: @jackcr).  ...
Continue Reading

Posted in Announcements

Sagan Technology Latest Release Includes Malware Detonation

Posted by Kat Casey on September 05, 2017

JACKSONVILLE, Fla., Sep 05, 2017 (BUSINESS WIRE) -- Quadrant Information Security announces the next release of their Sagan Technology, which will include a new Malware Detonation component. This release will allow Sagan sensors the ability to extract files traversing the customer infrastructure, and detonate these files in a secure off-premise cloud environment.

“Adversaries are getting smarter and it...
Continue Reading

Sagan “global” xbits.  Escaping the island.

Posted by Champ Clark on July 11, 2017

Early in the development of Sagan “xbits,” we noticed a couple of limitations.

For one, Sagan didn’t have the ability to “remember” xbits between process restarts meaning that that all the data Sagan had been collecting (xbits, threshold, etc.) would be lost during a reboot or process restart.

Continue Reading

Posted in Announcements

New features in the release of our Sagan 3.0.1

Posted by Kat Casey on March 29, 2017

Here are some of the cool, new features in our recent Sagan 3.0.1 release this week. 

E-mail format changes: 

We have made some minor modifications to our alert e-mail format. The new format features the more important alert data toward the top of the e-mail. This change was initiated based on client feedback...
Continue Reading
Posted in Announcements

Sagan 3.0: New Features & Functionality

Posted by Kat Casey on November 29, 2016

We have been working on Sagan 3.0 for several months now, and wanted to share with you some of the new features and functionality that you will experience in the console and via Quadrant support.

Some of the new UI/UX feature updates include:

New framework being used, which provides more security in production, and...
Continue Reading

Dynamic Rules with Sagan.

Posted by Champ Clark on November 14, 2016

One of the biggest problems faced with log monitoring is ensuring that the proper rules are loaded. Just like with packet based IDS systems, during the installation and setup process, you typically enable the rules that you think are relevant to your environment. The problem is, environments change over time and we might neglect to go back and determine...
Continue Reading

UPDATED Easing the Compliance Burden :: Sagan & PCI Compliance (version 2 - new requirements)

Posted by Kat Casey on November 03, 2016

Article published/updated by: Drew Brunson, Senior Information Security Consultant, Quadrant Information Security

Difficulty achieving compliance with the Payment Card Industry Data Security Standard, the PCI DSS, sometimes can seem to spring from parts of the standard that seem fairly simple at first reading.

The requirement to track and...
Continue Reading

What the Sagan Log Analysis Engine Is…and What It Is Not.

Posted by Champ Clark on August 22, 2016

Article by Champ Clark III.

With so many log analysis tools out there, we sometimes see strange comparisons between the Sagan log analysis engine and unrelated tools. For example, people often ask how Sagan compares to Splunk.  In our opinion, these are two different tools with two different jobs.

For one, the...
Continue Reading

Release of the APT Deflector (Patent Pending): True Quality Context, Threat Intelligence Advancement

Posted by Kat Casey on July 08, 2016

JACKSONVILLE, Fla., Jul 08, 2016 (BUSINESS WIRE) -- Quadrant Information Security announced at an exclusive event in Jacksonville, Florida last night, the release of the APT Deflector (patent pending). This intelligent threat intelligence process is a component to our overall Sagan Solution, and our threat intelligence engine, BlueDot.

“We have to stay creative and continue to...
Continue Reading