Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SIEM

The latest News and Information on Security Incident and Event Management.

What is a Cross-Site Scripting Attack

Cross-site scripting attacks are the digital version of the mystery trope where people inject IV lines with hazardous material. In the murder mystery genre, these crimes often focus on someone who looks legitimate, sneaking malicious material into someone’s medicine to harm the patient. Similarly, a cross-site scripting attack is when a threat actor sneaks malicious code into someone’s application to harm end users.

Why SIEM Is Not Right for SaaS Security

When security information and event management (SIEM) tools came to the market over a decade ago, many practitioners considered the combination of information management and event management groundbreaking. Since then, the technology has gone through iterations to improve and enhance its capabilities, including the incorporation of user and entity behavior analytics (UEBA), machine learning and AI capabilities, and “out-of-the-box” configurations for smaller organizations to rely on.

Beyond Burnout: Key Takeaways from SOC Analyst Appreciation Day 2024

Feeling overwhelmed by alerts? You’re not alone. At SOC Analyst Appreciation Day (SAAD) 2024, we heard from countless analysts facing the same challenges of burnout, perfectionism, and the need for mentorship. With a fantastic line-up of speakers, including John Hammond, Ron Eddings, Peter Coroneos from Cybermindz, and other security leaders, this year’s event provided valuable insights and sparked engaging discussions.

Asia-based SMBs: leverage logs to enhance cloud security and scale your operations

As small and mid-sized businesses (SMBs) across Asia adopt cloud technologies to accelerate growth, securing your cloud infrastructure becomes a significant challenge. The complexities of managing cloud environments, regulatory compliance, and ensuring real-time threat detection require robust solutions that are both scalable and cost-effective.

Monitor your Windows event logs with Datadog Cloud SIEM

Windows event logs are a key source of important information about your Windows environments, including detailed records of user activities, system performance, and potential security issues. However, with the sheer volume of logs modern environments generate, it can be overwhelming for security teams to efficiently detect, triage, and respond to threats in real time.

From SIEM to Detection as Code

Cloud-Native SIEM: Scaling Security for the Modern Era Key Takeaways: Detection-as-code offers improved governance, collaboration, and scalability Start with a clear understanding of critical threats to your organization Balance comprehensive monitoring with intentional, focused alerts Consider cloud-native SIEM solutions for cost-effectiveness and scalability Regularly review and update security playbooks and runbooks.