The latest News and Information on Security Incident and Event Management.

AI is cybersecurity's biggest threat

It’s also its greatest defense.

The biggest threat in our rapidly evolving cybersecurity landscape is artificial intelligence (AI). It’s also our greatest defense. Cybersecurity is a high-stakes game where everything is on the line and decisions have to be made fast. For years, cybersecurity strategy has been about increasing visibility to make informed decisions from vast amounts of data.

Model Context Protocol (MCP) vs Model Control Plane (MoCoP): Why your AI security is screwed if you only have one

If you’re building AI systems with agents, plugins, and orchestration layers and you’re only thinking about how to route traffic, you’re halfway to being pwned. Everyone’s rushing to build a Model Context Protocol (MCP) — and that’s great. But almost no one’s talking about MoCoP — the Model Control Plane, which is just as important and arguably where the riskiest stuff happens. (Also, side note, who the hell keeps making these damn acronyms so confusing?

Day in the life of an SOC leader

A security operations center (SOC) leader is the point person for an organization’s security operations. They run a team of security analysts, engineers, and other specialists. But what exactly do they do on a day-to-day basis? As the person managing the organization’s cybersecurity hub, the SOC leader has to navigate all the complexities that come with it.

5 Ways CISOs Can Use Selective Retrieval to Optimize Data Lakes

Data lakes have evolved. Once treated as passive storage archives, they’re now becoming active components of enterprise risk management. The driver? Selective retrieval — the ability to park large data volumes in cold storage and later retrieve targeted slices for forensic or compliance needs. This shift matters. According to 2025 data from Cybersecurity Insights Group, 73% of enterprises report that SIEM ingestion costs are limiting their real-time analysis capacity.

Assess your SIEM's Capabilities

The SIEM landscape is undergoing rapid and profound changes, driven by the rise of new threats and innovative technologies. For you, security analysts and engineers, this means reassessing whether your current SIEM solutions are still up to the task. Waiting until after a breach to evaluate your SIEM can lead to disastrous consequences. This webinar provides a clear, no-nonsense roadmap to help you critically evaluate your SIEM, ensuring your security operations are adequate and exceptional.

CrowdStrike Named a Leader in the 2025 GigaOm SIEM Radar Report

CrowdStrike is proud to be named a Leader and Fast Mover in the 2025 GigaOm Radar for Security Information and Event Management (SIEM). This recognition positions CrowdStrike Falcon Next-Gen SIEM as the core of the AI-native SOC and future of security operations. CrowdStrike earned perfect 5/5 scores in key areas including Attack Surface Coverage, LLM-Based Co-Pilot and Agents, Automation, and Threat Research Units.

Enhance your cloud security visibility with the updated AWS CloudTrail app

For organizations operating in the cloud, visibility is everything. You need a reliable source of truth to answer “who did what, when, and where,” whether you’re investigating a security incident, chasing compliance goals, or monitoring operational activity. Enter the Sumo Logic CloudTrail App, your go-to solution for transforming raw AWS CloudTrail logs into meaningful, actionable insights.

So you're buying your first SIEM... here's how not to suck at it

Welcome to the chaos. You’ve been told you need a SIEM. Maybe it was your CISO. Maybe it was your auditor. Maybe your SOC is tired of stitching together logs with duct tape and Python scripts. Doesn’t matter — you’re now on the SIEM buying journey. Congratulations… and condolences. Let’s walk through how to actually buy your first SIEM without lighting your budget (and your team’s morale) on fire.

Unlock Email Threat Visibility with Mimecast and Graylog

Email threats aren’t slowing down. From credential phishing to malware-laced attachments, email remains one of the most exploited entry points for attackers. If you’re already using Mimecast to help mitigate that risk, you’re ahead of the curve — but raw log data only gets you so far. Starting with Graylog 6.2.3, you can pull logs directly from Mimecast using API v2.0 and view them immediately with built-in Illuminate Dashboards.

Elastic strengthens AI security integration with Microsoft Azure AI Foundry Model Catalog

Elastic partners with Microsoft to provide integration with the Azure AI Foundry Model Catalog. This collaboration significantly enhances the choices available to security analysts, providing access to a diverse array of powerful large language models (LLMs) that are native to the Azure cloud ecosystem. This partnership underscores Elastic's commitment to delivering cutting-edge cyber defenses for Microsoft Azure customers, using their existing cloud infrastructure and investments.