%term

The latest News and Information on Security Incident and Event Management.

The SOC Analyst Agent: Bring an Agentic approach to work with your SOC team

Dec 17, 2025 By Oren Shevach In Sumo Logic

For years, security teams have dealt with the challenges of alert fatigue, endless tools and data sources, and constant context switching. But, so far, we haven’t been able to significantly improve it with traditional tools. However, new agentic approaches can start providing improved gains. This begins to change the way SOC teams operate and approach managing their talent.

Read Post

Sumo Logic

Read more about The SOC Analyst Agent: Bring an Agentic approach to work with your SOC team

Fireside Chat: LevelBlue + Tenable Partnership - Unlimited Vulnerability Scanning at No Cost

Dec 16, 2025 By LevelBlue In LevelBlue

Discover how LevelBlue and Tenable are transforming cybersecurity in this exclusive fireside chat featuring Michael Vaughn, Director of Product Management at LevelBlue, and Greg Goetz, VP of Global Strategic Partners at Tenable.

View Video

LevelBlue

Read more about Fireside Chat: LevelBlue + Tenable Partnership - Unlimited Vulnerability Scanning at No Cost

Questions to ask before vetting an AI agent for your SOC

Dec 16, 2025 By Margaret Selid In Sumo Logic

So you’re ready to “hire” an agent or two for security operations. While AI agents won’t replace your human analysts, they are quickly becoming indispensable team members. Choosing the right ones should resemble a typical hiring process: you need to determine if they possess the necessary skills to fill your team’s gaps, work effectively with others, and grow with your organization. Here are five questions worth asking before you bring an AI agent on board in your SOC.

Read Post

Sumo Logic

Read more about Questions to ask before vetting an AI agent for your SOC

Platform enhancements strengthening security across every child org

Dec 16, 2025 By Margaret Selid In Sumo Logic

Multi-org environments introduce complexity that most tools simply weren’t built for. Analysts are often forced to jump between different orgs, duplicate configuration work, and maintain parallel dashboards, alerts, and content–inefficiencies that increase risk, overhead, and time-to-response. Every minute spent managing infrastructure is one you’re not spending serving your clients or responding to threats.

Read Post

Sumo Logic

Read more about Platform enhancements strengthening security across every child org

Understanding the Department of Justice (DOJ) Data Security Program

Dec 16, 2025 By The Graylog Team In Graylog

On April 8, 2025, the National Security Division (NSD) of the US Justice Department (DOJ) implemented the Data Security Program (DSP).

Read Post

Graylog

Read more about Understanding the Department of Justice (DOJ) Data Security Program

Ep 23: How to bootstrap your AppSec program

Dec 16, 2025 By Sumo Logic, Inc. In Sumo Logic

On this episode of Masters of Data, Adam sits down with Zoe Hawkins and David Girvin to talk AppSec programs that don't suck. David's hot take from his 1Password and Red Canary days? AppSec is a people problem, not a tooling problem—stop being the person devs dodge at standup. We cover the essentials: build relationships first, threat model based on actual business risk (not your anxiety), and ditch the "shift left" obsession with scanning everything. Instead, start with offensive testing that finds vulnerabilities attackers can actually exploit.

View Video

Sumo Logic

Read more about Ep 23: How to bootstrap your AppSec program

The only vendor standing: Elastic's clean sweep in 2025 AV-Comparatives Tests

Dec 15, 2025 By Roxana Gheorghe In Elastic

In the current threat landscape, the margin for error is nonexistent. According to the IBM Cost of a Data Breach Report 2025,1 the average cost of a data breach in the US has surged to a record $10.22 million — a 9% increase from the previous year. For security teams, this reality creates a high-pressure environment where every missed signal or allowed compromise can spiral into a headline-making crisis.

Read Post

Elastic

Read more about The only vendor standing: Elastic's clean sweep in 2025 AV-Comparatives Tests

How to choose AI security tools that actually reduce false positives

Dec 11, 2025 By David Girvin In Sumo Logic

Let’s be honest: if your SOC is drowning in noise, you’re not “doing security.” You’re babysitting tools that cry wolf. And the wolves? They’re doing just fine. Every vendor claims their AI magically cuts false positives. Most don’t. Why?

Read Post

Sumo Logic

Read more about How to choose AI security tools that actually reduce false positives

Why a People-Centric Security Strategy Improves Resilience

Dec 10, 2025 By The Graylog Team In Graylog

If Darth Vader and the rest of the Empire made one major strategic mistake, it was failing to understand the important role that the human element plays in security. Convinced of their superiority, the Empire’s leaders assumed that the Death Star was impenetrable. However, in the end, it was a scientist and his team who compromised the technology by building in a backdoor.

Read Post

Graylog

Read more about Why a People-Centric Security Strategy Improves Resilience

Logs & Lattes Episode 4: How 2025 Reshaped SOCs and What Matters in 2026

Dec 10, 2025 By Graylog In Graylog

Security teams spent 2025 operating at maximum load. Alert volume kept rising, analysts pivoted across too many tools, AI arrived faster than governance could support, and cloud costs shaped what data teams felt safe keeping. In this episode of Logs and Lattes, host Palmer Wallace and Jeff Darrington break down what actually happened inside real SOCs and how those lessons are already guiding 2026.

View Video