SIEM

The latest News and Information on Security Incident and Event Management.

Valuable Career Insights for Your Career in Cybersecurity

Nov 8, 2023 By devo In Devo

Change is constant in any career, and the world of cybersecurity is no exception. Hackers and cybercriminals devise new tactics regularly, and cybersecurity professionals must stay current with emerging threats and new technology. While keeping pace with these shifts is essential, it’s also important to balance your commitment to the field with your personal career goals.

Read Post

Devo

Read more about Valuable Career Insights for Your Career in Cybersecurity

What's new in Elastic Security 8.11: Piped queries, AI assistance, and cloud and user data

Nov 7, 2023 By Mike Paquette, In Elastic

Elastic Security 8.11 introduces pipe queries with Elasticsearch Query Language (ES|QL), an Elastic AI Assistant connector for AWS Bedrock, and data integrations for Okta, Microsoft Entra ID, Wiz, and Palo Alto Prisma Cloud. Together, these enhancements deliver vital guidance and context to threat hunters and investigators. Elastic Security 8.11 is available now on Elastic Cloud — the only hosted Elasticsearch® offering to include all of the new features in this latest release.

Read Post

Elastic

Read more about What's new in Elastic Security 8.11: Piped queries, AI assistance, and cloud and user data

Challenges with Cybersecurity Asset Identification and Management

Nov 6, 2023 By Jeff Darrington In Graylog

Anyone who’s ever misplaced their wallet knows that horrible moment where their stomach drops, the beads of perspiration begin to form on their forehead, and they start mulling over worst-case scenarios. In that worst case scenario, someone used the cash and cards in the wallet to go on a personal spending spree. In a company’s IT environment, a missing device or shadow IT represents that missing wallet.

Read Post

Graylog

Read more about Challenges with Cybersecurity Asset Identification and Management

Applying an intelligence-based approach to Cybersecurity; SIEM and dark web monitoring

Nov 6, 2023 By Chris Mark In AT&T Cybersecurity

“History repeatedly has demonstrated that inferior forces can win when leaders are armed with accurate intelligence.” – Central Intelligence Agency; Intelligence in War In the ever-changing landscape of global cybersecurity, the boundaries between traditional military intelligence and cybersecurity are increasingly blurred. At the heart of this convergence lies the science of intelligence analysis—a process fundamental to both realms.

Read Post

AT&T Cybersecurity

Read more about Applying an intelligence-based approach to Cybersecurity; SIEM and dark web monitoring

Falcon Platform Raptor Release

Nov 6, 2023 By CrowdStrike In CrowdStrike

The next generation of the CrowdStrike Falcon® platform re-architects the platform using the same technology as CrowdStrike’s Next-Gen SIEM to unlock the future of generative AI and XDR for all. This enables you to perform lightning fast searches to hunt for threats and ingest data from sources from across your entire enterprise to detect sophisticated attacks.

View Video

CrowdStrike

Read more about Falcon Platform Raptor Release

Maximizing Data Security in the Cloud - Outperforming On Premise Solution - it-sa 2023 Keynote

Nov 6, 2023 By Sumo Logic In Sumo Logic

In an era where data breaches and cyber threats continue to escalate, businesses are seeking robust security solutions that offer a competitive edge. This session will delve into the advantages and advancements of cloud-based security systems, providing attendees with a comprehensive understanding of how cloud solutions can outshine their on-premise counterparts. We will explore the latest technologies, best practices, and real-world case studies to demonstrate the superior security measures offered by cloud-based solutions.

View Video

Sumo Logic

Read more about Maximizing Data Security in the Cloud - Outperforming On Premise Solution - it-sa 2023 Keynote

Cloud SIEM Log Parser Templates

Nov 3, 2023 By Sumo Logic In Sumo Logic

Learn about log parser templates for Sumo Logic's Cloud SIEM solution. The log parser templates provide a starting place for you to create your own parsers for your log sources. Parsers take logs from different sources and parse them into a standardized format for use in Cloud SIEM.

View Video

Sumo Logic

Read more about Cloud SIEM Log Parser Templates

EventSentry v5.1: Anomaly Detection / Permission Inventory / Training Courses & More!

Nov 2, 2023 By ingmar.koecher In EventSentry

We’re extremely excited to announce the availability of the EventSentry v5.1, which will detect threats and suspicious behavior more effectively – while also providing users with additional reports and dashboards for CMMC and TISAX compliance. The usability of EventSentry was also improved across the board, making it easier to use, manage and maintain EventSentry on a day-by-day basis. We also released 60+ training videos to help you get started and take EventSentry to the next level.

Read Post

EventSentry

Read more about EventSentry v5.1: Anomaly Detection / Permission Inventory / Training Courses & More!

Enhance your cloud security with MITRE ATT&CK and Sumo Logic Cloud SIEM

Nov 2, 2023 By Alec Kostiner In Sumo Logic

As cloud applications and services gain prominence amongst organizations, adversaries are evolving their toolset to target these cloud networks. The surge in remote work and teleconferencing presents unprecedented opportunities for nefarious activities. Enter the MITRE ATT&CK Framework, also known as a MITRE ATT&CK Matrix—a treasure trove for defending cloud infrastructure and on-premises infrastructure against the newest adversary tactics, techniques, and procedures (TTPs).

Read Post

Sumo Logic

Read more about Enhance your cloud security with MITRE ATT&CK and Sumo Logic Cloud SIEM

Okta evolving situation: Am I impacted?

Nov 2, 2023 By George Gerchow In Sumo Logic

Cybersecurity is never boring. In recent months, we’ve seen major cyberattacks on Las Vegas casinos and expanded SEC cybersecurity disclosure rules are top of mind. Is it any wonder we consistently recommend taking a proactive approach to secure your environment with a defense-in-depth strategy and appropriate monitoring? News outlets reported the recent compromise at the Identity and Authentication (IAM) firm, Okta.

Read Post