Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest News and Information on Security Incident and Event Management.

AI Powered Risk Scoring with Falcon Next-Gen SIEM

Speed and precision are critical to stopping fast-moving threats. Falcon Next-Gen SIEM uses AI-powered risk scoring to help security teams focus on what matters most. By analyzing behavior, threat actor ties, prevention history, and business context, it surfaces high-risk threats automatically—driving smarter triage and faster response. Risk scoring powers UEBA for deeper, contextual visibility across users and assets. With dynamic prioritization and real-time insights, teams can cut through noise and act quickly.

The Importance of Triage in Incident Response

Gamers of a certain age likely remember the video game Asteroids. You played as a little triangular spacecraft shooting at big space rocks that started traveling towards you slowly at first, then gained speed. As you revolved around trying to protect yourself by shooting them, you inevitably had to make some rapid decisions about which asteroids would harm your ship the most and which ones you could potentially ignore.

How the MOD can achieve decision superiority against cyber threats

AI as a force multiplier for cyber resilience in defence. Military leaders are well-acquainted with the expansion of conventional warfare into digital battlefields. The recent attack and breach of a UK Ministry of Defence (MoD) supplier exposed data of 270,000 service personnel, representing not an isolated incident but a pattern in an escalating cyber conflict.

The Cloud Crew and Digital Shield and Graylog

Watch how Digital Shield is Transforming Cybersecurity in South Africa. In this interview, Tim Smith, Sales Director at Digital Shield (a cybersecurity-focused subsidiary of The Cloud Crew), shares insights into the evolving threat environment and how businesses in South Africa are responding with more innovative, more strategic security solutions.

The Value of Data Enrichment in Cybersecurity Data

You’re standing in the grocery store, comparing the nutrition information for two different cereals. The enriched wheat bran cereal has more B12 vitamin content than your favorite sugary one. As an adult, you know that your body needs the additional vitamins in the enriched bran flakes, even if you really want that fruity, sugary hit in the morning. In security, your data needs that additional hit of nutrition so you can correlate and analyze events more effectively.

Cyber threats explained: How to safeguard your enterprise

Cyber threats (also known as cybersecurity threats) are events, actions, or circumstances that have the potential to negatively impact an individual or an organization by taking advantage of security vulnerabilities. Cyber threats can affect the confidentiality, integrity, or availability of data, systems, operations, or people’s digital presence.

The patching paradox: The reality of AI in security

Let’s stop pretending AI is going to save security. Sure, it’s going to help — it already is. But the idea that defenders will somehow “keep up” with attackers just because they both have access to generative AI is a fantasy. I come at this from a red-team mindset. I’ve spent years thinking like an attacker. Now I work at a blue-team company trying to defend real systems. And here’s what’s obvious to me: AI is going to let attackers move faster.

Exabeam and Vectra AI Partner to Accelerate Threat Detection and Simplify Security Operations

New integration unifies Exabeam New-Scale Security Operations Platform with Vectra AI's cutting-edge network detection and response (NDR) to uncover threats that evade traditional tools.

Secure your Slack environment with Sumo Logic Cloud SIEM

Slack has become integral for many organizations, powering everything from internal to external communication and project workflows. But as adoption grows, so does risk. Hackers are increasingly targeting Slack as it often contains intellectual property, credentials, and valuable reconnaissance information. Sumo Logic Cloud SIEM now secures your Slack usage against insider and third-party threats by monitoring audit logs for suspicious activity to keep your company and its data protected.

Detection as Code with Falcon Next-Gen SIEM

Speed and precision are critical in stopping modern threats. Falcon Next-Gen SIEM brings Detection as Code to the forefront, allowing security teams to version, test, and deploy detection rules with confidence. With powerful API integrations and CI/CD pipeline support, teams can automate rule management, reduce manual errors, and respond to threats faster. Every rule is version-controlled, making it easy to track changes, roll back updates, and scale detection efforts across the organization.