Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Easily ingest and monitor security logs with Cloud SIEM Content Packs

Datadog Cloud SIEM helps customers protect their cloud environment and SaaS applications against threats with built-in threat detection rules, interactive dashboards, workflow blueprints, and in-depth support resources. These capabilities provide valuable insights into your security posture, so you can respond promptly to emerging threats. In order to generate these insights, Cloud SIEM analyzes log data, which users can start sending to Datadog by enabling one of our out-of-the-box integrations.

Bolster OT Security with Graylog

Anyone tracking the evolution of the IT industry is probably familiar with the concept of Industry 4.0. Essentially, it describes the process by which traditional industrial tasks become both digitized and continually managed in an IT-like fashion via modern technologies like cloud computing, digital twins, Internet of Things (IoT) sensorization, and artificial intelligence/machine learning.

Visualize activity in your Azure environment with Datadog Cloud SIEM Investigator

Cloud infrastructures can comprise thousands of interconnected and dynamic resources. This complexity introduces unique challenges to monitoring and securing these architectures. Understanding where user activity originates—and what actions constitute security threats—is a complex task when you’re dealing with the huge volume of logs, metrics, and other telemetry that highly distributed cloud environments generate each day.

What's new in Elastic Security 8.10: Scale your defenses and outpace attackers

Richer alert contextualization, generative AI in GA, ATT&CK® coverage view, cloud security posture management (CSPM) for Google Cloud, and automated CSPM onboarding for AWS accounts Elastic Security brings a MITRE ATT&CK®-aligned detection coverage view, richer alert contextualization, and extended cloud security posture management (CSPM) to Google Cloud Platform (GCP).

Faster security investigation with Cloud SIEM playbooks

Playbooks — and automated processes in general — used to be associated primarily with security orchestration, automation and response (SOAR) platforms, but that has changed recently. Many modern security information and event management (SIEM) solutions have started incorporating SOAR-like functionality, enabling you to automate security workflows and improve your mean time to detect (MTTD) and mean time to respond (MTTR).

What is an API attack and how does it work

If you want to visualize how data flows across your connected applications, you can think back to that childhood game of Chutes and Ladders (also called Snakes and Ladders). As a kid, the board felt like a confusing grid that had the weirdest, seemingly arbitrary connections between blocks. In your modern digital environment, your Application Programming Interfaces (APIs) fulfill the same role that the ladders and chutes/snakes fulfilled, connecting disparate blocks across a larger whole.

Move from a High-Cost Legacy SIEM to High-Speed Falcon LogScale

The fastest adversary can “break out” — or move laterally — in only seven minutes after compromising an endpoint. Yes, you heard that right. Seven minutes. In the relentless race against adversaries, every second counts. To avoid breaches, you need to detect and stop adversaries before they can break out and expand their realm of control.

7 tech challenges that can be collaboration opportunities for global governments

From cybersecurity to AI to legacy IT, agencies are united by similar obstacles So far the twenty-first century has unleashed a torrent of technological innovations, becoming a double-edged sword for governments worldwide. The growing burden of legacy IT systems, cybersecurity threats, AI incorporation, data privacy concerns, budgetary constraints, and shifting geopolitical landscapes puts governments at the forefront of a rapidly evolving environment.

How SOC Analysts Can Keep Up With the Cybersecurity Landscape

Keeping up to date in any field can be challenging, but this ethos might not ring more true than in cybersecurity. The dynamic nature of the industry requires SOC analysts to always be on their toes with new and emerging threats across a constantly expanding attack surface. New threats and vulnerabilities can pop up on a nearly daily basis. Don’t let this discourage you because this is also what can make the role so satisfying!