%term

The latest News and Information on Security Incident and Event Management.

CrowdStrike Falcon Next-Gen SIEM Correlation Rule Template Discovery Dashboard

Jul 31, 2025 By CrowdStrike In CrowdStrike

Finding the right detection content can be a challenge. The Correlation Rule Template Discovery Dashboard in CrowdStrike Falcon Next-Gen SIEM makes it easy to discover, explore, and activate relevant correlation rules—based on the data you already ingest. This demo highlights key features like compatibility mapping, real-time data source health, and automatic surfacing of new and updated templates. Stay aligned with the latest threats and streamline detection engineering in just a few clicks.

View Video

CrowdStrike

Read more about CrowdStrike Falcon Next-Gen SIEM Correlation Rule Template Discovery Dashboard

From alert fatigue to action: Smarter SOC workflows for defence teams

Jul 30, 2025 By Crossley McEwen In Elastic

Free your analysts to focus on what really matters: security outcomes. Security teams in the UK Ministry of Defence (MOD) are facing a dual burden: the growing volume and sophistication of cyber threats and the relentless operational grind of triaging alerts, managing compliance, and stitching together intelligence from fragmented systems. The reality is clear: Traditional security operations center (SOC) workflows aren't built for today’s pace and quantity of threats.

Read Post

Elastic

Read more about From alert fatigue to action: Smarter SOC workflows for defence teams

Are You Protecting the Right People in Your Organization?

Jul 29, 2025 By The Graylog Team In Graylog

If your security priorities still center on CVSS scores and device vulnerabilities, you’re missing a significant piece of the risk puzzle. People. Attackers aren’t following your org chart. They’re targeting whoever gives them access. Enter the concept of Very Attacked People (VAPs): individuals in your environment who attract the most persistent, targeted attacks. And they’re not always the CEO or the CISO.

Read Post

Graylog

Read more about Are You Protecting the Right People in Your Organization?

Ep 1: So you're buying your first SIEM...here's how not to suck at it

Jul 28, 2025 By Sumo Logic, Inc. In Sumo Logic

You’ve been told you need a SIEM. Maybe it was your CISO. Maybe it was your auditor. Maybe your SOC is tired of stitching together logs with duct tape and Python scripts. Doesn’t matter — you’re now on the SIEM buying journey. Congratulations… and condolences. Join security experts, Adam White and David Girvin as they walk through the ultimate playbook for buying your first SIEM without lighting your budget (and your team’s morale) on fire.

View Video

Sumo Logic

Read more about Ep 1: So you're buying your first SIEM...here's how not to suck at it

Ep 3: CISOs hate their security tools

Jul 28, 2025 By Sumo Logic, Inc. In Sumo Logic

Sumo Logic’s 2025 Security Operations Insights report surveyed 500 IT and security leaders from enterprise organizations to uncover what’s really happening inside today’s SOCs. Join security experts Adam White, David Girvin, and Zoe Hawkins as they break down the top findings from the report and shed light on what every analyst and CISO has felt for years: the system needs a reset.

View Video

Sumo Logic

Read more about Ep 3: CISOs hate their security tools

Ep 2: Hacked together: fast, safe prototyping with AI

Jul 28, 2025 By Sumo Logic, Inc. In Sumo Logic

Join security experts Adam White, Chas Clawson, and Seth Williams as they explore how AI-first development is reshaping the way cybersecurity teams build, test, and deploy solutions. Traditional development cycles often leave critical ideas trapped in backlogs, but with Gen-AI and language models, security teams can now move from concept to prototype in hours, not months.

View Video

Sumo Logic

Read more about Ep 2: Hacked together: fast, safe prototyping with AI

SharePoint "ToolShell" zero day

Jul 24, 2025 By Paul Sheck In Sumo Logic

Hats off to the great work the community and industry has done regarding the “ToolShell” attack against Microsoft’s On-Premise SharePoint servers. The goal of this article is to build on that great work and help Sumo Logic customers with on-prem SharePoint servers investigate and identify evidence within their environments.

Read Post

Sumo Logic

Read more about SharePoint "ToolShell" zero day

Security 101 -- Customer Brown Bag -- July 24th, 2025

Jul 24, 2025 By Sumo Logic, Inc. In Sumo Logic

This beginner-friendly session covers the essentials of building a smart security operation. Learn from Christopher Beier how to collect the right logs, use built-in content, and navigate detections, threat intel, and alerts with Logs for Security and Cloud SIEM.

View Video

Sumo Logic

Read more about Security 101 -- Customer Brown Bag -- July 24th, 2025

Bits AI Security Analyst: Automate Cloud SIEM investigations

Jul 23, 2025 By Datadog In Datadog

Datadog's Bits AI Security Analyst transforms the way security teams handle investigations by autonomously triaging Datadog Cloud SIEM signals. Built natively in Datadog, it conducts in-depth investigations of potential threats and delivers clear, actionable recommendations. With context-rich guidance for mitigation, security teams can stay ahead of evolving threats with greater efficiency and precision.

View Video

Datadog

Read more about Bits AI Security Analyst: Automate Cloud SIEM investigations

AI is cybersecurity's biggest threat

Jul 23, 2025 By Mandy Andress In Elastic

It’s also its greatest defense The biggest threat in our rapidly evolving cybersecurity landscape is artificial intelligence (AI).1 It’s also our greatest defense. Cybersecurity is a high-stakes game where everything is on the line and decisions have to be made fast. For years, cybersecurity strategy has been about increasing visibility to make informed decisions from vast amounts of data.

Read Post