%term

The latest News and Information on Security Incident and Event Management.

Exabeam Extends Agent Behavior Analytics to the Google Cloud Agent Ecosystem

Apr 22, 2026 By Exabeam In Exabeam

Comprehensive visibility and anomaly detection now available for agents built with Google Cloud's Agent Development Kit and multi-agent workflows via the upcoming Google Agent Gateway.

Read Post

Exabeam

Read more about Exabeam Extends Agent Behavior Analytics to the Google Cloud Agent Ecosystem

Securing air-gapped environments with Elastic on Google Distributed Cloud

Apr 22, 2026 By Jason Pappalexis In Elastic

If you are not using AI to defend against AI, you will lose. But for organizations operating in air-gapped environments, the path to AI-driven defense can be blocked by the very isolation that protects them. Today, we're announcing that Elastic Security is now the embedded security layer for Google Distributed Cloud (GDC) air-gapped environments, expanding our collaboration with Google Cloud.

Read Post

Elastic

Read more about Securing air-gapped environments with Elastic on Google Distributed Cloud

OWASP Defines AI Agent Risk. Behavioral Analytics Detects It

Apr 22, 2026 By Exabeam In Exabeam

The OWASP Top 10 for Agentic Applications defines the most common AI agent risks, but real attacks unfold across multiple stages of behavior. Behavioral analytics detects those risks by modeling how users, AI agents, and their interactions change over time. By observing deviations across inputs, processing, and outputs, security operations teams can identify insider‑driven and agent‑driven threats that traditional, event‑based detection misses.

Read Post

Exabeam

Read more about OWASP Defines AI Agent Risk. Behavioral Analytics Detects It

Best Practices for Managing Hybrid Cloud Security

Apr 22, 2026 By Jeff Darrington In Graylog

As a kid, fruit punch always seemed like a magical drink. A mix of orange, cherry, apple, and cranberry created a unique flavor that differed substantially from any one juice. These hybrid drinks not only quenched thirst but their complexity made it difficult to truly recreate them by hand.

Read Post

Graylog

Read more about Best Practices for Managing Hybrid Cloud Security

Ep 39: This is your first ransomware attack, not ours

Apr 21, 2026 By Sumo Logic, Inc. In Sumo Logic

On this episode of Masters of Data, we sat down with Steven Manley, CTO of Druva, to get the unfiltered truth about ransomware: it's not a matter of if you'll be breached, but when, and bad actors are now launching hundreds of attacks at a surprisingly low cost. We dig into why attackers lurk undetected for 200-plus days, how AI is being weaponized for everything from eerily convincing voice phishing to secretly training your own AI systems against you, and why your most protected assets are rarely what gets hit first.

View Video

Sumo Logic

Read more about Ep 39: This is your first ransomware attack, not ours

92% of security leaders say their SIEM is effective. 51% say it's exceptional. What's living in that gap?

Apr 16, 2026 By Michelle Beastall In Sumo Logic

If you hear that a product is 92% effective, you’d assume it’s operating as intended. It seems like a success story. But dig a little deeper, and the picture changes; only 51% say that their security information and event management (SIEM) is very effective. What does it mean when a majority of security relies on a tool that works, but doesn’t work well enough? Not broken, not exceptional. It’s somewhere in between.

Read Post

Sumo Logic

Read more about 92% of security leaders say their SIEM is effective. 51% say it's exceptional. What's living in that gap?

How Lean Security Teams Stay Ahead of AI-Powered Attacks

Apr 16, 2026 By Jeff Darrington In Graylog

In “Terminator 2“, the T-800 does not win because humans worked harder. It wins because the same machine capability that made it dangerous was reprogrammed to fight for the defenders. Project Glasswing is exactly that. Claude Mythos Preview is Anthropic’s most powerful AI model and the one they refused to release publicly because it autonomously found thousands of zero-day vulnerabilities across every major operating system and browser. Flaws that decades of expert review never caught.

Read Post

Graylog

Read more about How Lean Security Teams Stay Ahead of AI-Powered Attacks

Why AI won't steal your SOC analyst job

Apr 16, 2026 By Peter Weller In Elastic

Let's address the elephant in the room, or I should say … the AI in the security operations center (SOC). If you're an SOC analyst, you've probably heard the doom and gloom predictions — AI is coming for your job! AI will replace you! Start updating your resumes now! In all honesty, that probably is not the case. AI isn't going to take your job, but it will change how you do it — and that's brilliant news.

Read Post

Elastic

Read more about Why AI won't steal your SOC analyst job

Claude Mythos, Project Glasswing, and the Machine-Speed Security Race

Apr 16, 2026 By Exabeam In Exabeam

Anthropic’s latest Claude news shows how AI is compressing the time from vulnerability discovery to credentialed lateral movement, and why security teams need behavior-based detection across humans and AI agents. Anthropic’s Project Glasswing, announced on April 7, 2026, gives selected partners early access to Claude Mythos Preview for defensive cybersecurity work. Anthropic says the model has already identified thousands of zero-day vulnerabilities across critical infrastructure.

Read Post

Exabeam

Read more about Claude Mythos, Project Glasswing, and the Machine-Speed Security Race

This May Be Hurting Your Incident Response Efforts...

Apr 16, 2026 By LevelBlue In LevelBlue

Some of the biggest delays in incident response aren’t caused by the attacker… they’re caused by the first steps taken after discovery. A few examples of well-intentioned actions that can unintentionally slow investigations and extend recovery timelines: Resilience isn’t built during an incident. It’s built before one ever happens.

View Video