Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SIEM

The latest News and Information on Security Incident and Event Management.

What Goes Into the Cost of a SIEM?

As we’ve covered before, SIEMs are an expensive tool. The average enterprise-level SIEM deployment costs over £15 million a year, and operating a small, 100 to 1000-seat SIEM will still run up bills of over £10k monthly. SIEMs create spiralling costs that eat security budgets. Without a skilled team operating them, they can also make organisations less secure despite receiving more information about their digital estates. But where do these SIEM costs come from?

CVE-2023-36553: Critical OS Command Injection Vulnerability in FortiSIEM

On November 14, 2023, FortiGuard published an advisory disclosing that a critical command injection vulnerability (CVE-2023-36553) had been patched in the latest updates for FortiSIEM. The vulnerability was rated with a Common Vulnerability Scoring System (CVSS) score of 9.3, as it can be exploited remotely by an unauthenticated threat actor using crafted API requests to execute unauthorized commands. This vulnerability is caused by improper neutralization of special elements in FortiSIEM report server.

Why SIEM Is Not Right for SaaS Security

When security information and event management (SIEM) tools came to the market over a decade ago, many practitioners considered the combination of information management and event management groundbreaking. Since then, the technology has gone through iterations to improve and enhance its capabilities, including the incorporation of user and entity behavior analytics (UEBA), machine learning and AI capabilities, and “out-of-the-box” configurations for smaller organizations to rely on.

Leveraging OpenAPI as a Core Element of API and Application Security

An application’s attack surface is the sum of all the areas of an application which could be attacked by malicious attackers. This includes the application’s APIs, the underlying code, supporting infrastructure, and any other components which could be compromised. The goal for any organization is to reduce the attack surface area by discovering and minimizing potential vulnerabilities.

Unlock the Power of Your SIEM with Co-Managed SOC

Security information and event management (SIEM) systems play a pivotal role in cybersecurity: they offer a unified solution for gathering and assessing alerts from a plethora of security tools, network structures, and software applications. Yet, the mere presence of a SIEM isn't a magic bullet. For optimal functionality, SIEM systems must be appropriately set up, governed, and supervised round-the-clock.

Reflecting on 2023: Evolving our Product, Deepening Partnerships, and Staying Committed to the Security Community

As the new year approaches, security professionals and analysts alike are taking a step back to review what has transpired over the past twelve months. At Devo, 2023 was an exciting year full of change and progress. As we look forward to 2024, we want to take some time to reflect on Devo’s year across product enhancements, analyst recognition, partnerships, and community engagement.

Secure your AWS environment faster with Sumo Logic's AWS Built-in Competency

In the fast-paced world of cloud-based attacks, staying ahead of the curve with cloud-native security solutions is paramount. Sumo Logic, a leading name in the field, has taken a significant leap forward by embracing AWS Built-in and becoming a launch partner for the AWS Built-in Competency. Let’s explore how Sumo Logic and AWS collaborated to define a new way to deliver an integrated solution that expands upon the requirements of AWS Native Service integrations across foundational cloud domains.