%term

The latest News and Information on Security Incident and Event Management.

The Crucial Role of Log Management in Compliance

May 13, 2023 By cesmng In UTMStack

In today’s digital landscape, businesses face a multitude of regulatory requirements designed to safeguard sensitive data and protect individuals’ privacy. Compliance with regulations such as HIPAA, GLBA, CMMC, PCI, and others has become paramount, making it essential for organizations to have robust log management solutions in place.

Read Post

UTMStack

Read more about The Crucial Role of Log Management in Compliance

Micro Lesson: Using the Cloud SIEM Enterprise Audit App

May 11, 2023 By Sumo Logic In Sumo Logic

Learn about Sumo Logic's Cloud SIEM Enterprise Audit App, containing dashboards to give you visibility into Cloud SIEM Insights, Records, Signals, and Rules.

View Video

Sumo Logic

Read more about Micro Lesson: Using the Cloud SIEM Enterprise Audit App

Micro Lesson: Cloud SIEM First Seen Rules

May 11, 2023 By Sumo Logic In Sumo Logic

Learn more about Cloud SIEM's new First Seen Rules, which can generate signals when certain behavior or activity is detected for the first time.

View Video

Sumo Logic

Read more about Micro Lesson: Cloud SIEM First Seen Rules

Micro Lesson: Cloud SIEM Entity Timeline & Relationship Graph

May 11, 2023 By Sumo Logic In Sumo Logic

Learn more about two key tools in Cloud SIEM: the Entity Timeline and Entity Relationship Graph and how they can help analyze security incidents.

View Video

Sumo Logic

Read more about Micro Lesson: Cloud SIEM Entity Timeline & Relationship Graph

A taxonomy of endpoint security detection bypasses

May 11, 2023 By John Uhlmann In Elastic

I often see “EDR” used as a synonym for “industry-leading endpoint security solution.” There are times when this is accurate, but there are also times when I believe that this generalization stymies discourse around current capability gaps in the endpoint security ecosystem. In this blog post, I want to share my personal taxonomy for endpoint security products — albeit one that perhaps confusingly reuses existing terminology.

Read Post

Elastic

Read more about A taxonomy of endpoint security detection bypasses

Devo Platform 8.0 Release

May 11, 2023 By The Devo Team In Devo

2022 was a year of dramatic expansion for The Devo Platform. The enhancements of behavior analytics, workflow automation, and AI-driven threat detection have transformed the Devo Platform into a cloud-native, SIEM, UEBA, and SOAR solution. This gives security teams the visibility, high performance, and advanced analytics they need to respond quickly to threats and protect the business.

Read Post

Devo

Read more about Devo Platform 8.0 Release

CISO Backgrounds and Considerations for 2023

May 10, 2023 By Kayla Williams In Devo

The CISO role has evolved in recent years. CISO’s don’t come just from technical and security backgrounds anymore. Each organization has their own distinct vision for how to solve their security needs whether they are customer, regulatory, or industry driven. I started out my career as an external auditor, with the goal of becoming a CFO.

Read Post

Devo

Read more about CISO Backgrounds and Considerations for 2023

Micro Lesson: Cloud SOAR Automated Responder Knowledge (ARK)

May 10, 2023 By Sumo Logic In Sumo Logic

Learn more about Cloud SOAR's Automated Responder Knowledge (ARK) feature, which uses machine learning to dynamically suggest playbooks in response to incidents, based on other similar incidents.

View Video

Sumo Logic

Read more about Micro Lesson: Cloud SOAR Automated Responder Knowledge (ARK)

How-To Guide: Securing Graylog with TLS

May 10, 2023 By Drew Miranda In Graylog

Welcome to our technical blog, where we’ll be diving into the world of Graylog and how you can secure your Graylog Server with Transport Layer Security (TLS). As an admin or a tech-savvy user, you know the importance of protecting your Graylog Server and the logs it manages from unauthorized access.

Read Post