%term

The latest News and Information on Security Incident and Event Management.

From endpoint to XDR: Operationalize Jamf Protect data in Elastic Security

Oct 6, 2025 By Raquel Tabuyo In Elastic

Enhance your threat detection, investigation, and response capabilities by integrating Jamf Protect macOS data within Elastic Security. Security teams often struggle to detect and respond to macOS threats with endpoint data alone. The integration with Jamf Protect changes that. Jamf Protect delivers rich macOS telemetry and built-in protections like Threat Prevention and Network Protection, powered by Jamf Threat Labs.

Read Post

Elastic

Read more about From endpoint to XDR: Operationalize Jamf Protect data in Elastic Security

LimaCharlie Search Demo: SIEM Capabilities for Modern SecOps

Oct 6, 2025 By LimaCharlie In LimaCharlie

Get a first look at LimaCharlie's new advanced Search feature in this demo walkthrough. Search transforms how security teams investigate alerts, hunt for threats, and build detections across their entire security stack.

View Video

LimaCharlie

Read more about LimaCharlie Search Demo: SIEM Capabilities for Modern SecOps

Case Management with Falcon Next-Gen SIEM

Oct 3, 2025 By CrowdStrike In CrowdStrike

Speed and structure are essential for modern incident response. Falcon Next-Gen SIEM introduces built-in Case Management, giving security teams a unified workspace to organize detections, artifacts, and related activity. Analysts can standardize investigations with templates, enforce SLAs, and escalate cases automatically to the right teams.

View Video

CrowdStrike

Read more about Case Management with Falcon Next-Gen SIEM

Smart Logging Without the Price Trap

Oct 3, 2025 By Graylog In Graylog

How much value are you really getting from your logs, and what are you giving up to stay on budget? In this episode of Logs and Lattes, host Palmer Wallace sits down with Seth Goldhammer, VP of Product Management at Graylog, for a candid conversation about the hidden cost of traditional SIEM pricing. Seth explains how ingest-based and resource-heavy licensing models pressure security teams into tough tradeoffs, such as dropping logs, tuning down detections, or limiting retention just to avoid budget overages.

View Video

Graylog

Read more about Smart Logging Without the Price Trap

Ten modern SIEM use cases at cloud scale

Oct 2, 2025 By Sridhar Karnam In Sumo Logic

The role of SIEM has never gone away. From the beginning, it’s been the backbone of security operations: the system where logs converge, alerts are analyzed, and incidents are investigated. What’s changed is our ability to use it correctly. Legacy, traditional SIEM tools forced trade-offs. Teams filtered data at ingest, dropped logs to control costs, or siloed analytics into disconnected point tools. The result was a SIEM that felt heavy, reactive, and underwhelming.

Read Post

Sumo Logic

Read more about Ten modern SIEM use cases at cloud scale

Elastic Security Explained: Transparency, AI, and the Future of Threat Hunting

Oct 2, 2025 By Elastic In Elastic

Elastic’s James Spiteri joins John Hammond to dive deep into the evolution of Elastic Security, from the ELK stack’s early days to today’s full-fledged, unified SIEM, XDR, and cloud security solution powered by agentic AI and automation. They discuss free tools, open detections, and how Elastic is making cybersecurity more accessible and collaborative for everyone.

View Video

Elastic

Read more about Elastic Security Explained: Transparency, AI, and the Future of Threat Hunting

Security Pipelines Are Broken. Here's How to Fix Them

Oct 2, 2025 By The Graylog Team In Graylog

There’s a quiet failure at the heart of many security programs. It’s not a lack of data. It’s too much of the wrong data. Telemetry pipelines built for volume, not visibility, now flood teams with noise instead of insight. The result? More alerts. Slower response. Overworked analysts are stuck maintaining ingestion rules instead of catching real threats.

Read Post

Graylog

Read more about Security Pipelines Are Broken. Here's How to Fix Them

Exabeam Delivers First Configurable Peer Benchmarking for CISO Decision-Making

Oct 1, 2025 By Exabeam In Exabeam

New capabilities in the Exabeam Nova Advisor Agent and Outcomes Navigator operationalize benchmarking for proactive security operations.

Read Post

Exabeam

Read more about Exabeam Delivers First Configurable Peer Benchmarking for CISO Decision-Making

From raw data to real-time defense: A conversation with John Hammond

Oct 1, 2025 By James Spiteri In Elastic

Explore how Elastic Security's unified platform with SIEM and XDR protections transforms SOC workflows through AI-powered analytics and consolidated security operations. Elastic Security Director of Product Management James Spiteri recently joined cybersecurity researcher, educator, and content creator John Hammond for an in-depth technical demonstration. John spends his days analyzing malware, breaking down attacker techniques, and making hackers earn their access.

Read Post

Elastic

Read more about From raw data to real-time defense: A conversation with John Hammond

From Fragmented Intel to Unified Response

Oct 1, 2025 By Beth Dannemiller In Securonix

Threat intelligence holds incredible promise—but only if it translates into timely, decisive action. Too often, security teams chase disconnected data across fragmented tools, incompatible formats, and siloed workflows. The result? Slower response times, missed threats, and exhausted SOC analysts. The answer is clear: unified intelligence. That’s the power of the Securonix Unified Defense SIEM and ThreatQ integration—streamlined, contextualized, and built for action.

Read Post