%term

The latest News and Information on Security Incident and Event Management.

When AI skips the app layer: Welcome to the OS Hunger Games

Sep 4, 2025 By David Girvin In Sumo Logic

Remember when we thought the application layer was where all the fun happened? Firewalls, WAFs, EDR, dashboards galore — the entire security industrial complex built around watching what apps do. Well, with “agentic AI” running the show, that middle ground is turning into a bypass lane. Instead of clicking through UIs or APIs, your AI buddy is making direct system calls, automating workflows at the OS and hardware level.

Read Post

Sumo Logic

Read more about When AI skips the app layer: Welcome to the OS Hunger Games

End-to-End AI in Security Operations | Exabeam Nova's 6 AI Agents Explained

Sep 4, 2025 By Exabeam In Exabeam

Is your AI just a chatbot? Exabeam Nova delivers true end-to-end AI—from behavioral detections and automated investigations to natural language reports and intelligent case creation. Six purpose-built AI agents Full-cycle threat detection, investigation, response Subscribe for more product demos and cybersecurity insights!

View Video

Exabeam

Read more about End-to-End AI in Security Operations | Exabeam Nova's 6 AI Agents Explained

SIEM vs. XDR: 5 Things to Consider

Sep 3, 2025 By Stephen Helm In WatchGuard

As IT environments become more complex, organizations face rising threat volumes, persistent cybersecurity talent shortages, and adversaries capable of dwelling undetected for days and moving laterally within hours. In this context, choosing between SIEM and XDR is no longer a technical preference; it’s a strategic decision that shapes how your organization defends itself.

Read Post

WatchGuard

Read more about SIEM vs. XDR: 5 Things to Consider

Where Online Analytical Processing (OLAP) Overlaps With Security Operations

Sep 2, 2025 By Jeff Darrington In Graylog

Imagine security data and analytics like a carnival’s hall of mirrors. From convex mirrors that show you a shorter, squatter version of something to the concave mirrors that show a highly magnified image, you see the same object in multiple ways. Every view gives you a different insight and provides a unique vantage point. Online Analytical Processing (OLAP) systems are different mirrors that allow security teams to create focused analytics models for different insights about your security posture.

Read Post

Graylog

Read more about Where Online Analytical Processing (OLAP) Overlaps With Security Operations

Breach Ready. Board Ready. Built for Efficiency.

Sep 2, 2025 By Beth Dannemiller In Securonix

In today’s modern SOC, more data doesn’t always mean better outcomes. Security teams are overwhelmed by irrelevant telemetry, storage bills are out of control, and compliance regulations demand long-term retention—even for data with little threat value. Legacy SIEMs treat all logs the same, flooding analysts with noise and slowing down response times. The result? Bloated infrastructure, delayed investigations, and boardroom frustration over unproven ROI.

Read Post

Securonix

Read more about Breach Ready. Board Ready. Built for Efficiency.

Ep 7: SOAR Loser: Does the O in SOAR stand for obsolete?

Aug 26, 2025 By Sumo Logic, Inc. In Sumo Logic

SOAR might sound like a superhero for security teams, but is it actually flying too close to the sun? In this episode, Adam and David unpack why security orchestration, automation, and response have been helpful… but might be headed for retirement, thanks to AI shaking up the game. They also dig into the headaches of managing clunky SOAR systems and why it’s time to rethink workflows and case management before you get left in the dust.

View Video

Sumo Logic

Read more about Ep 7: SOAR Loser: Does the O in SOAR stand for obsolete?

The New CISO Podcast Ep.133 - Steve Lodin | Teachable Moments: How to Learn from Career Challenges

Aug 25, 2025 By Exabeam In Exabeam

In this episode of The New CISO, host Steve Moore speaks with Steve Lodin, VP of Information Security at Sallie Mae, about the career challenges that shaped his leadership style and the lessons he’s learned across decades in cybersecurity.

View Video

Exabeam

Read more about The New CISO Podcast Ep.133 - Steve Lodin | Teachable Moments: How to Learn from Career Challenges

Exabeam Research: AI Supercharges Insider Threats, Now Outpacing External Attacks

Aug 21, 2025 By Exabeam In Exabeam

74% report AI is making insider threats more effective, and 53% expect insider threats to increase.

Read Post

Exabeam

Read more about Exabeam Research: AI Supercharges Insider Threats, Now Outpacing External Attacks

Building effective threat hunting and detection rules in Elastic Security

Aug 21, 2025 By Kseniia Ignatovych, In Elastic

Learn to create custom detection rules in Elastic Security following real detection use cases. This blog will guide you through creating custom detection rules in Elastic Security, equipping you with best practices for using Elasticsearch Query Language (ES|QL) and Elastic AI Assistant to refine threat detection logic and add crucial context for analysts. You’ll learn how to effectively preview, test, and enhance your rules, ultimately strengthening your security operations.

Read Post

Elastic

Read more about Building effective threat hunting and detection rules in Elastic Security

Ep 6: Security haven or horror story: from SIEMs to lakes to lakehouses

Aug 19, 2025 By Sumo Logic, Inc. In Sumo Logic

Between SIEMs, data lakes, and data lakehouses, the buzzwords alone could fill a glossary. In this episode, Adam and David break down the real differences between data lakes and SIEM systems and why effectively managing all that data is crucial for staying visible and secure. They also dive into how AI is shaking up the game and why picking the right tools can mean the difference between being overwhelmed and being in control.

View Video