Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest News and Information on Security Incident and Event Management.

devo

Overcome Data Overload with Autonomous Investigations and Threat Hunting

Jan 17, 2023 By Rakesh Nair In Devo

It’s no secret that SOC teams are struggling. The main reason is the sheer volume of data they must collect and analyze to thwart cybercrime. The data sources they need to account for include applications, transactions, IoT devices, mobile devices, and more. And the amount of global information created, replicated, and consumed is projected to increase to more than 180 zettabytes over the next five years, making the data challenge we’re facing even worse.

Read Post
sumologic

Why the quickest response is not always the best in cybersecurity

Jan 12, 2023 By Enrico Benzoni In Sumo Logic
The need for fast incident response is a given. No industry professional would deny how critical a rapid response is when dealing with a cyber threat and an incident. However, it is equally important to understand that the quickest response is not always the best in cybersecurity. Security operations centers (SOCs) and organizations must factor in other variables, too, when preparing for the inevitable, as recent cyber stats suggest.
Read Post
elastic

Elastic Security 8.6 improves investigation and response across a unified SIEM, endpoint security, and cloud security solution

Jan 10, 2023 By Mike Paquette In Elastic
Elastic Security 8.6 helps security practitioners investigate and respond to threats quickly at cloud scale with SIEM, cloud security, and endpoint security. This release includes new data source integrations, expanded prebuilt detection content, and improved detection engineering and analyst workflows — bringing efficacy and efficiency to the modern security operations center (SOC).
Read Post

AT&T Cybersecurity Customer Welcome Package

Jan 6, 2023 By LevelBlue In LevelBlue
This customer welcome video will be instrumental in establishing effective communication between AT&T's valued MSS customers and the AT&T MSS support team. This video will aid you with accessing AT&T's MSS support services, we are providing you with AT&T processes, guidelines, and contact / escalation information. These guidelines make it easier for the AT&T MSS team and your organization to successfully interface together to complete all the change requests and problem resolution situations that may arise in conjunction with your Managed Security Service.
View Video
graylog

Centralized Log Management for the Digital Operational Resilience Act (DORA)

Jan 4, 2023 By Jeff Darrington In Graylog
The financial services industry has been a threat actor target since before digital transformation was even a term. Further, the financial services organizations find themselves continuously under scrutiny. As members of a highly regulated industry, these companies need to comply with various laws to ensure that they effectively protect sensitive data.
Read Post
manageengine

Year in review: ManageEngine Log360's analyst recognition from 2022

Dec 27, 2022 By Log360 In ManageEngine

Cyberattacks have intensified over the last few years as threat actors are always improvising their game plan to carry out new and sophisticated methods. Concepts like Ransomware as a Service have made it easy for small threat groups to leverage weaponized services with devastating results for organizations. This highlights how traditional security systems and approaches are no longer able to keep up with the ever-evolving threat landscape.

Read Post
graylog

Centralized Log Management for the German IT Security Act 2.0

Dec 22, 2022 By The Graylog Team In Graylog
Governments, businesses, and society depend on reliable, functioning information and communication technology. However, increased severity of ransomware attacks and vulnerabilities in computer chips undermine these infrastructures. Further, as people adopt Internet of Things (IoT) devices, their inherent lack of security and ability to be aggregated into large, malicious bot networks increases these risks.
Read Post
sumologic

How Australia's Privacy Legislation Amendment impacts cybersecurity

Dec 22, 2022 By Stefan Tapp In Sumo Logic
Almost every day we hear of another data breach. There has been no shortage of headline-hitting breaches here in Australia, such as Medibank and Optus. The old-school method of ransomware encrypting any data it has access to and requesting a ransom for the decryption key to restore data has evolved. It is now a more insidious and far-reaching problem involving bad actors exfiltrating data and requesting a ransom to keep from exposing that data publicly.
Read Post
netwrix

Firewall Log Management and SIEMs

Dec 21, 2022 By Dirk Schrader In Netwrix

Firewalls are the first line of defense in any network. Firewalls can be software or appliances, and organizations can configure them up to allow or disallow some or all IP traffic, or to verify specific traffic types based on rules that use deep packet inspection. For maximum effectiveness, it’s critical to monitor the operation of your firewalls to spot threats and misconfiguration.

Read Post
graylog

Redacting Message Fields for Privacy Purposes

Dec 20, 2022 By The Graylog Team In Graylog
Many organizations today have strict data privacy regulations that they must comply with. These privacy regulations can often clash with the requirements of security, application and operations teams who need detailed log information. At Graylog, many of the organizations who use our tool are logging sensitive data that may contain personally identifiable information, health related data or financial data.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.