
July 2021

A Conversation with Mickey Perre, Devo Cybersecurity Strategist in ANZ

What is it about Devo that enticed you to join the company? If you look at my history, you’ll quickly realise I am passionate about two things: data and cybersecurity. One other passion that is not widely known is that I am a bit of a graph-processing fanatic. Solving problems in the modern security landscape isn’t just about collecting loads of data — which Devo does well — but how you can turn that data into actionable intelligence.

How to Securely Send Data to Your SIEM

Deploying a SIEM requires strategic planning. When deciding on a deployment, an organization must consider the level of risk it is willing to assume, what its security priorities are, and which use cases to implement. From there, your security operations team must thoughtfully identify their inputs — the data the SIEM solution will gather — before rolling out anything. Otherwise, you won’t obtain your desired outputs to identify high-fidelity alerts to act on.

How Orange Business Services is building a better SIEM with Elastic

I’m a security analyst at Orange Business Services in Paris, and one of my current projects for the Orange Group is implementing a new SIEM based on the Elastic Stack. In this blog post, I’ll share why we chose Elastic and how we were able to integrate Elastic into our existing SIEM, resulting in faster investigations and saving our engineers’ time. So follow along.

Log Analytics and SIEM for Enterprise Security Operations and Threat Hunting

Today’s enterprise networks are heterogeneous, have multiple entry points, integrate with cloud-based applications, offer data center delivered services, include applications that run at the edge of the network, and generate massive amounts of transactional data. In effect, enterprise networks have become larger, more complex, and more difficult to secure and manage.

What is a SIEM, And Why Should You Have One?

SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat detection, better enable incident investigation, and speed up your incident response time, while also giving you a unified, holistic view of your infrastructure.

How Devo Is Working with Google Cloud IDS to Deliver Greater SOC Visibility with Integrated Security Tools

As the only cloud-native logging and security analytics platform that enables organizations to take full advantage of all of their data to run and secure their business, Devo is committed to working with other leading security technology providers to bring advanced capabilities to our customers. That’s why we’re pleased to announce an integration with Google Cloud IDS.

Accelerate Hybrid Threat Protection Using Sumo Logic Cloud SIEM powered by AWS

It has been off to the races for the Sumo Logic and AWS teams since the general availability of the Sumo Logic Cloud SIEM powered by AWS solution on June 1, 2021. We are excited for the overwhelming response from customers from across all segments, industries and geographies.

The Top 14 Free and Open Source SIEM Tools For 2021

Security Information and Event Management (SIEM) is a combination of Security Information Management (SIM) and Security Event Management (SEM). A SIEM solution provides real-time analysis of security alerts generated by applications and networks. SIM is the collection, monitoring and analysis of security-related data such as log files into a central repository for trend analysis.

ManageEngine recognized in 2021 Gartner Magic Quadrant for Security Information and Event Management for the fifth time!

Today, we’re excited to announce that ManageEngine has been recognized in the 2021 Gartner Magic Quadrant for security information and event management (SIEM) for the fifth consecutive time. We are thrilled to be awarded this recognition yet again for our contribution to the world of cybersecurity. “Most enterprises were not prepared for the widespread changes in work environments following the COVID-19 pandemic.

Cloud Security Best Practices: Four Tips for Moving Security Technologies to the Cloud

In my previous post, I discussed cloud-computing security challenges identified in our new report, Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits. Based on a survey conducted by Enterprise Strategy Group (ESG), the report found that while cloud computing does initially introduce security challenges and increased complexity, it’s worth it in the end. That said, CISOs need to strategically invest time and resources to achieve better security outcomes.

Detection and Investigation Using Devo: REvil Ransomware Kaseya VSA

On July 3, 2021, Kaseya reported a potential attack against its Virtual System/Server Administrator (VSA) that apparently had been limited to a small number of on-premises customers. Kaseya recommended an immediate shutdown of the VSA server until further notice. The small number of affected customers grew to thousands in just a few hours.

Sumo Logic Named a Visionary in the 2021 Gartner Magic Quadrant for SIEM for the First Time

The Sumo Logic team is excited to announce that it has been named a Visionary in the Gartner 2021 Magic Quadrant for Security Information Event Management (SIEM). We believe our placement in the Visionary quadrant reflects the value and success our customers have realized by using our cloud-native security platform and the innovative ways in which it solves SIEM and modern security operations use cases.

Elastic Security Recognized in the 2021 Gartner Magic Quadrant for SIEM

We’re excited to share that Elastic Security has been recognized in the 2021 Gartner Magic Quadrant for Security Information and Event Management (SIEM). Elastic Security is the latest Elastic solution to be recognized in a 2021 Gartner Magic Quadrant report, following the 2021 Magic Quadrant for Insight Engines and 2021 Magic Quadrant for Application Performance Monitoring.

Splunk Named a Leader in the 2021 Gartner SIEM Magic Quadrant for the Eighth Time

Splunk was named a Leader for the eighth consecutive time this week in the Gartner Magic Quadrant for Security Information and Event Management (SIEM)*. In our opinion, this recognition marks one of the longest running recognitions in the history of the SIEM market. The recognition comes on the heels of Splunk also being ranked No.