%term

The latest News and Information on Security Incident and Event Management.

Reclaiming analyst time: Smarter investigations with AI in defence

Jun 20, 2025 By Crossley McEwen In Elastic

How the MOD can reduce investigation fatigue and boost operational efficiency Security analysts at the UK Ministry of Defence (MOD) — and everywhere — face an overwhelming challenge: They can receive thousands of alerts daily, and distinguishing genuine threats from false positives in a timely fashion has become nearly impossible without technological intervention.

Read Post

Elastic

Read more about Reclaiming analyst time: Smarter investigations with AI in defence

Vulnerability Data in Next Gen-SIEM with Falcon Exposure Management

Jun 20, 2025 By CrowdStrike In CrowdStrike

Vulnerability data is often siloed and captured in static dashboards, disconnected from real-time investigation. But with Falcon Exposure Management streaming into NG-SIEM, that changes. This demo shows how teams can correlate live vulnerability events with endpoint behavior, network activity, and even cloud telemetry. Using a Firefox example, we trace active and historical exposure, revealing how ExPRT.AI, asset metadata, and cloud-aware context come together in Next Gen SIEM.

View Video

CrowdStrike

Read more about Vulnerability Data in Next Gen-SIEM with Falcon Exposure Management

4 Steps to Cyber Resilience | Expert Insights from LevelBlue | Dark Reading Interview

Jun 20, 2025 By LevelBlue In LevelBlue

In this exclusive Dark Reading News Desk interview, Theresa Lanowitz from LevelBlue shares four practical and powerful steps organizations can take to boost their cyber resilience. From fostering a proactive cybersecurity culture to elevating cyber discussions to the boardroom, this conversation is packed with actionable insights. Learn how to secure your software supply chain, leverage AI for defense, and stay ahead of emerging threats.

View Video

LevelBlue

Read more about 4 Steps to Cyber Resilience | Expert Insights from LevelBlue | Dark Reading Interview

Micro Lesson: How are Insights Generated in Cloud SIEM?

Jun 18, 2025 By Sumo Logic, Inc. In Sumo Logic

Learn how Sumo Logic's Cloud SIEM clusters log data into actionable security Insights.

View Video

Sumo Logic

Read more about Micro Lesson: How are Insights Generated in Cloud SIEM?

SIEM Essentials for Security Operations

Jun 17, 2025 By The Graylog Team In Graylog

For many Security Operations Center (SOC) teams, every day feels like a balancing act just shy of burnout. The alerts don’t stop. The tooling gets in the way more than it helps. And analysts—the people at the heart of security operations—are left trying to untangle signals in a sea of noise, pressure, and constant escalation. This isn’t just a tooling issue. It’s a deeper misalignment: the gap between what SIEM was supposed to be and what security teams actually need.

Read Post

Graylog

Read more about SIEM Essentials for Security Operations

Making the Most of Rule-Based Intrusion Detections

Jun 16, 2025 By Jeff Darrington In Graylog

Think back to being in high school and wanting to leave the room during class. Your teacher would give you a hall pass to show anyone monitoring the halls that you had permission to walk around. Your behavior, walking around during the class period, was suspect unless you followed the rule, getting a hall pass. For security teams, rule-based intrusion detections are the hall monitors that look for behaviors that indicate a problem.

Read Post

Graylog

Read more about Making the Most of Rule-Based Intrusion Detections

EventSentry Security Dashboards

Jun 16, 2025 By NETIKUS.NET LTD In EventSentry

Outlines how the 3 EventSentry dashboards can help improve the security of any Windows-based network by.

View Video

EventSentry

Read more about EventSentry Security Dashboards

Threat Coverage Analyzer

Jun 13, 2025 By Graylog In Graylog

Follow Seth Goldhammer, VP of Product as he talks about the new Threat Coverage Analyzer in Graylog.

View Video

Graylog

Read more about Threat Coverage Analyzer

Cyber Resilience 2025 with Theresa Lanowitz | LevelBlue Futures Report

Jun 13, 2025 By LevelBlue In LevelBlue

What does cyber resilience look like in 2025? Join Theresa Lanowitz, Chief Evangelist at LevelBlue, as she unpacks the findings of the 2025 LevelBlue Futures Report: Cyber Resilience and Business Impact. In this exclusive video, Theresa shares expert insights into the evolving threat landscape, the rise of AI-readiness, software supply chain visibility, and the five key traits of a cyber resilient organization.

View Video

LevelBlue

Read more about Cyber Resilience 2025 with Theresa Lanowitz | LevelBlue Futures Report

Telemetry: What It Is and How it Enables Security

Jun 11, 2025 By Jeff Darrington In Graylog

If you have ever built a LEGO set, then you have a general idea of how telemetry works. Telemetry starts with individual data points, just like your LEGO build starts with a box of bricks. In complex IT environments, your security telemetry is spread across different technologies and monitoring tools, just like in a large build your LEGO bricks come separated into smaller, individually numbered bags. In both cases, the individual bricks or data points aren’t special.

Read Post