Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Elastic Security 7.16: Accelerate SecOps with the most powerful Elastic Security yet

In Elastic Security 7.16, multiple new out-of-the-box data integrations for Elastic Agent streamline data ingestion and normalization, powering security operations. The release also introduces full production support for several existing data integrations. Version 7.16 introduces an expanded set of malicious behavior protections, addressing methods related to initial access, privilege escalation, and defense evasion.

Detecting and blocking unknown KnownDlls

This is the second in a two-part series discussing a still-unpatched userland Windows privilege escalation. The exploit enables attackers to perform highly privileged actions that typically require a kernel driver. Part 1 of this blog series showed how to block these attacks via ACL hardening. If you haven’t already, please read the first part of this series, because it lays an important foundation for this article. Interested readers can also check out the excellent Unknown Known DLLs...

LogSentinel XDR - A Unified Security Monitoring Platform

XDR (eXtended Detection and Response) is a new Gartner category, which, we’ve argued before, is SIEM++, or what next-gen SIEM should have been. This is why we are packaging our latest feature updates into an XDR offering that should greatly improve the detection and response capabilities of any organization, especially mid-market organizations, which gain the most benefit from integrated, easy-to-use platforms. LogSentinel XDR is a unified security monitoring and response platform.

Announcing new Sumo Logic AWS security Quick Start integrations

We’re excited to announce updates to Sumo Logic AWS Quick Start Integrations that enable customers to automate the integration of AWS Security Reference Architecture within Sumo Logic Cloud SIEM powered by AWS. The new integrations automate the collection, ingestion, and analysis of applications, infrastructure, security, and IoT data to derive actionable insights for security engineering teams.

How to Detect Office 365 Anomalies Using SIEM

Microsoft Office 365 (also known as Microsoft 365 or Office 365) is a cloud-based service that enables online collaboration and real-time data sharing via Microsoft solutions such as SharePoint, MS Teams, and OneDrive. Microsoft Office 365 brings familiar Microsoft Office desktop applications together with business-class email, shared calendars, instant messaging, video conferencing, and file sharing, making it integral for many during the pandemic.

Devo's Latest Release Empowers Analysts to Discover Threats Faster and More Accurately

Over the past 12 months, the cyberthreat landscape has become much more tumultuous. A data breach analysis from the Identity Theft Resource Center (ITRC) found that the number of data breaches publicly reported so far this year has surpassed the total for 2020. That’s alarming. To combat this constant barrage of cyberattacks, you must equip your security team with the tools they need to match the pace of today’s data growth and cybercriminals’ relentlessness.

New CCO's Mission: Create a World-Class Experience for Devo Customers

Johannes Loeffler recently joined Devo as chief customer officer. He and his worldwide team are responsible for accelerating Devo’s efforts to provide customers with a seamless and superior customer experience. I joined Devo because I saw an amazing company with huge potential that is disrupting the logging and SIEM market. Devo’s solutions and services provide incredible value to our customers. And our customers are loyal to us, which is something money can’t buy.

Three Cloud SIEM innovations that improve team collaboration, tailor SOC workflows, and encourage customization

Sumo Logic is constantly improving our Cloud SIEM solution to meet the needs and demands of our current and future customers and help them modernize their security operations. Via our cloud-native platform, our engineers perform continuous delivery of product features and improvements to all Cloud SIEM customers—simultaneously—several times each week.

$250M in New Funding Positions Devo for Continued Growth and Success

On October 26, 2021, Devo announced a new round of $250 million in venture funding that gives the company a valuation of $1.5 billion. In a new Devo Inside Out video, CEO Marc van Zadelhoff and CFO Jennifer Grunebaum discuss the details of the investment and what it means for Devo’s ability to bring the industry’s most comprehensive logging and security analytics solution to more customers worldwide.