
Latest News

It's Time for SIEM to Act Like a Security Data Platform

What you’re doing isn’t working. Despite best efforts, the scale of cybersecurity data is outpacing the ability of security information and event management (SIEM) solutions to identify and stay ahead of digital threats. Incremental improvements can’t keep pace with the scale of data contained in cloud solutions and the scope of data created by new tools, like generative AI. The result? It’s time for transformation—and time for SIEM to act like a security data platform.

The Top SIEM Technical Interview Questions

If you are evaluating a new role that requires proficient knowledge of SIEM, this comprehensive guide offers an extensive list of frequently asked interview questions. Each question is paired with detailed, well-explained answers to ensure you fully understand the concepts and can confidently showcase your expertise.

Elastic Security excels in the AV-Comparatives Business Security Test

Elastic Security has exceptionally powerful capabilities that surpass those of smaller vendors

Elastic Security has achieved remarkable results in the recent AV-Comparatives Business Security Test, ranking in the top five alongside other notable security vendors. The test placed Elastic Security at the larger end of the market, offering exceptionally powerful tools with capabilities that surpass those of smaller packages.
Sponsored Post

Can the EventSentry Agents cause the same outage and disruption that the CrowdStrike Falcon sensor did?

The faulty Rapid Response Content CrowdStrike update that disabled millions of Windows machines across the globe on 7/19/2024 was any IT professional’s nightmare. Having to manually visit and restore each affected machine (further complicated by BitLocker) severely limited the recovery speed, especially for businesses with remote locations, TVs, kiosks, etc.

Understanding Security Log Analytics vs. SIEM for Midsized Companies Targeted by Cybercriminals

SecOps teams at midsize companies face a unique set of challenges when it comes to managing organizational cybersecurity. Midsize companies (those with 100-999 employees and $50 million-$1 billion in annual revenue, according to Gartner) possess significant financial resources and valuable data that may be targeted by digital adversaries.

Using MITRE ATT&CK for Incident Response Playbooks

A structured approach to incident response enables you to create consistently repeatable processes. Your incident response playbook defines responsibilities and guides your security team through a list of activities to reduce uncertainty if or when an incident occurs. The MITRE ATT&CK framework outlines the tactics and techniques that threat actors use during the different stages of an attack, which gives a playbook a common vocabulary for deciding which activities apply to which observed behavior.
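One way to put ATT&CK to work inside a playbook is to tag each alert with a technique ID, order the alerts by the tactic stage those techniques belong to, and pull the response activities for every stage the adversary has reached. The following is an added example written for this page; it is not code from the article or from MITRE. The tactic order is the ATT&CK Enterprise matrix order, the technique-to-tactic table is a small hand-picked subset of real IDs, and the response steps, hostnames, and alert timestamps are constructed for illustration.

```python
"""Select incident response playbook steps from ATT&CK-tagged alerts.

Constructed example: the tactic order follows the ATT&CK Enterprise matrix,
the technique-to-tactic table is a small hand-picked subset, and the response
steps are illustrative, not taken from any vendor or MITRE playbook.
"""
from dataclasses import dataclass
from typing import Dict, List

# ATT&CK Enterprise tactics in matrix (kill-chain) order.
TACTIC_ORDER: List[str] = [
    "reconnaissance", "resource-development", "initial-access", "execution",
    "persistence", "privilege-escalation", "defense-evasion", "credential-access",
    "discovery", "lateral-movement", "collection", "command-and-control",
    "exfiltration", "impact",
]

# Technique ID -> tactics it appears under. A constructed subset of ATT&CK.
TECHNIQUE_TACTICS: Dict[str, List[str]] = {
    "T1566": ["initial-access"],                                      # Phishing
    "T1059": ["execution"],                                           # Command and Scripting Interpreter
    "T1078": ["initial-access", "persistence",
              "privilege-escalation", "defense-evasion"],             # Valid Accounts
    "T1003": ["credential-access"],                                   # OS Credential Dumping
    "T1021": ["lateral-movement"],                                    # Remote Services
    "T1041": ["exfiltration"],                                        # Exfiltration Over C2 Channel
    "T1486": ["impact"],                                              # Data Encrypted for Impact
}

# Illustrative playbook activities keyed by tactic (hypothetical, not a real playbook).
PLAYBOOK_STEPS: Dict[str, List[str]] = {
    "initial-access": ["Identify delivery vector and block sender/URL",
                       "Pull mail gateway logs for other recipients"],
    "execution": ["Acquire process tree and command lines from EDR", "Quarantine host"],
    "credential-access": ["Force password reset for accounts seen on host",
                          "Revoke active sessions and tokens"],
    "lateral-movement": ["Enumerate destination hosts from authentication logs",
                         "Isolate destination hosts"],
    "exfiltration": ["Capture egress flow records", "Notify legal/privacy for breach assessment"],
    "impact": ["Invoke ransomware recovery runbook", "Verify backup integrity"],
}


@dataclass(frozen=True)
class Alert:
    ts: str         # ISO-8601 timestamp
    host: str
    technique: str  # ATT&CK technique ID, e.g. "T1059"


def stage(technique: str) -> int:
    """Kill-chain position of a technique: index of the latest tactic it can serve.

    Techniques that sit under several tactics (T1078) are scored at their furthest
    tactic, a deliberate worst-case simplification. Unknown IDs return -1.
    """
    tactics = TECHNIQUE_TACTICS.get(technique)
    if not tactics:
        return -1
    return max(TACTIC_ORDER.index(t) for t in tactics)


def triage(alerts: List[Alert]) -> dict:
    """Reconstruct attack progression and assemble the playbook steps that apply.

    Returns the furthest tactic reached, the steps for every observed tactic in
    kill-chain order (deduplicated), the time-ordered alert timeline, and any
    technique IDs the mapping does not cover, so an analyst extends the playbook
    instead of silently skipping them.
    """
    known = [a for a in alerts if stage(a.technique) >= 0]
    unmapped = sorted({a.technique for a in alerts if stage(a.technique) < 0})
    if not known:
        return {"furthest_tactic": None, "steps": [], "unmapped": unmapped, "timeline": []}
    timeline = sorted(known, key=lambda a: (a.ts, stage(a.technique)))
    stages = sorted({stage(a.technique) for a in known})
    steps: List[str] = []
    for idx in stages:
        for step in PLAYBOOK_STEPS.get(TACTIC_ORDER[idx], []):
            if step not in steps:
                steps.append(step)
    return {
        "furthest_tactic": TACTIC_ORDER[stages[-1]],
        "steps": steps,
        "unmapped": unmapped,
        "timeline": [(a.ts, a.host, a.technique) for a in timeline],
    }


# Constructed sample alerts for one incident; timestamps and hosts are made up.
# Alerts arrive out of order on purpose: triage() sorts them.
SAMPLE_ALERTS = [
    Alert("2024-07-19T08:02:11Z", "ws-17", "T1059"),
    Alert("2024-07-19T07:58:40Z", "ws-17", "T1566"),
    Alert("2024-07-19T08:15:03Z", "ws-17", "T1003"),
    Alert("2024-07-19T08:31:27Z", "srv-db-2", "T1021"),
    Alert("2024-07-19T08:31:29Z", "srv-db-2", "T9999"),  # not in mapping: must be surfaced
]

if __name__ == "__main__":
    result = triage(SAMPLE_ALERTS)
    print("furthest tactic:", result["furthest_tactic"])
    for step in result["steps"]:
        print(" -", step)
    print("unmapped techniques:", result["unmapped"])
```

Two details matter in practice: steps are emitted in kill-chain order rather than alert-arrival order, because containment for an early stage (blocking the phishing sender) still applies even when the first alert you saw was lateral movement; and any technique ID without a mapping is returned explicitly, since a playbook that quietly drops unknown techniques gives false confidence that every observed behavior was handled.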

Monitor the security of your Snowflake instance with Datadog Cloud SIEM

Snowflake is a fully managed data platform that enables users to store, process, and analyze large volumes of data across their cloud environments. Recently, Datadog’s Security Research Team posted a threat hunting guide to help defenders ensure the security of their Snowflake instances.

Log it like you mean it: Best practices for security

Not every log is equal

As solutions architects at Elastic, we receive a lot of questions around how to fine-tune a security environment, such as: The answer is often, "it depends." So, we'd like to explore the parameters behind these questions to provide you with a more comprehensive understanding of how they influence the response.