SIEM

The latest News and Information on Security Incident and Event Management.

CVE-2023-36553: Critical OS Command Injection Vulnerability in FortiSIEM

Dec 11, 2023 By Andres Ramos In Arctic Wolf

On November 14, 2023, FortiGuard published an advisory disclosing that a critical command injection vulnerability (CVE-2023-36553) had been patched in the latest updates for FortiSIEM. The vulnerability was rated with a Common Vulnerability Scoring System (CVSS) score of 9.3, as it can be exploited remotely by an unauthenticated threat actor using crafted API requests to execute unauthorized commands. This vulnerability is caused by improper neutralization of special elements in FortiSIEM report server.

Read Post

Arctic Wolf

Read more about CVE-2023-36553: Critical OS Command Injection Vulnerability in FortiSIEM

Leveraging OpenAPI as a Core Element of API and Application Security

Dec 8, 2023 By Robert Dickinson In Graylog

An application’s attack surface is the sum of all the areas of an application which could be attacked by malicious attackers. This includes the application’s APIs, the underlying code, supporting infrastructure, and any other components which could be compromised. The goal for any organization is to reduce the attack surface area by discovering and minimizing potential vulnerabilities.

Read Post

Graylog

Read more about Leveraging OpenAPI as a Core Element of API and Application Security

Unlock the Power of Your SIEM with Co-Managed SOC

Dec 8, 2023 By Jason Whyte In Trustwave

Security information and event management (SIEM) systems play a pivotal role in cybersecurity: they offer a unified solution for gathering and assessing alerts from a plethora of security tools, network structures, and software applications. Yet, the mere presence of a SIEM isn't a magic bullet. For optimal functionality, SIEM systems must be appropriately set up, governed, and supervised round-the-clock.

Read Post

Trustwave

Read more about Unlock the Power of Your SIEM with Co-Managed SOC

Reflecting on 2023: Evolving our Product, Deepening Partnerships, and Staying Committed to the Security Community

Dec 6, 2023 By Devo In Devo

As the new year approaches, security professionals and analysts alike are taking a step back to review what has transpired over the past twelve months. At Devo, 2023 was an exciting year full of change and progress. As we look forward to 2024, we want to take some time to reflect on Devo’s year across product enhancements, analyst recognition, partnerships, and community engagement.

Read Post

Devo

Read more about Reflecting on 2023: Evolving our Product, Deepening Partnerships, and Staying Committed to the Security Community

Changes to Datadog Cloud SIEM

Dec 4, 2023 By Vera Chan In Datadog

In order to help organizations more effectively secure their cloud environments, we are making changes to our Cloud SIEM product. As of December 4, Datadog has introduced a new offering in Cloud SIEM: Cloud SIEM 15-Months Retention, which automatically stores logs for 15 months after ingestion.

Read Post

Datadog

Read more about Changes to Datadog Cloud SIEM

Monitor GitHub with Datadog Cloud SIEM

Dec 4, 2023 By Martin McCloskey In Datadog

GitHub is a mission-critical software development and version control platform that is used to store proprietary source code and other sensitive data. Monitoring logs generated by activity in your GitHub environment can be useful, as unexpected patterns of behavior could indicate attacker activity or insider threats.

Read Post

Datadog

Read more about Monitor GitHub with Datadog Cloud SIEM

Secure your AWS environment faster with Sumo Logic's AWS Built-in Competency

Nov 30, 2023 By JT Rakitan In Sumo Logic

In the fast-paced world of cloud-based attacks, staying ahead of the curve with cloud-native security solutions is paramount. Sumo Logic, a leading name in the field, has taken a significant leap forward by embracing AWS Built-in and becoming a launch partner for the AWS Built-in Competency. Let’s explore how Sumo Logic and AWS collaborated to define a new way to deliver an integrated solution that expands upon the requirements of AWS Native Service integrations across foundational cloud domains.

Read Post

Sumo Logic

Read more about Secure your AWS environment faster with Sumo Logic's AWS Built-in Competency

MDR vs MSSP vs SIEM: The Evolving Threat Detection Landscape

Nov 29, 2023 By Kroll In Kroll

Effective threat detection is critical to achieving a mature cybersecurity posture. Yet with so many threat detection options on the market, from managed detection and response (MDR) to managed security service providers (MSSPs) to security information and event management (SIEM), choosing the most effective one for your organization can be challenging.

Read Post

Kroll

Read more about MDR vs MSSP vs SIEM: The Evolving Threat Detection Landscape

Getting Your Daily Security News Into Graylog

Nov 29, 2023 By The Graylog Team In Graylog

For as long as I can remember, I have started my day off by reading various security news sites to figure out what I need to be aware of and any new trends that are being spotted. I used to do this on my phone while commuting, and now I work from home, but I still follow this routine, and that got me thinking, why not feed Graylog with this information?

Read Post

Graylog

Read more about Getting Your Daily Security News Into Graylog

Grow Your Business with a 24/7 Security Operations Center (SOC) using Open Source Technologies.

Nov 28, 2023 By UTMStack In UTMStack

Keeping IT Services profitable can be challenging, equipment and software costs increase, margins suffer and customers cancel. The solution resides in the economy of horizontal scale. Imagine what could happen if your existing customers contracted two times more services from your business, would that help? Sell them something every business needs: cybersecurity, launch your own Security Operations Center, and close new profitable deals. Why UTMStack and not something else? The answer is simple: UTMStack is free and Open source and very intuitive, so you can hit the ground up and running in no time.

View Video