Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest News and Information on Security Incident and Event Management.

Managing False Positives and Alert Fatigue in SIEM

Apr 15, 2025 By UTMStack In UTMStack
In this video, I walk you through the process of managing false positives in the UTMSatck platform. We often encounter numerous false positives when starting with a new SIEM, which can lead to confusion and unnecessary alerts. I demonstrate how to tag these false positives effectively and filter them out to streamline our alert system. Please make sure to implement the tagging rules I discussed to help reduce noise in your SOC team's workflow.
View Video

Creating Custom Dashboards in UTMStack

Apr 15, 2025 By UTMStack In UTMStack
In this video, I walk you through the process of creating custom dashboards and visualizations in UTMStack SIEM. I demonstrate how to build various types of visualizations, such as pie charts and bar charts, to effectively display alert data. I also highlight the importance of adding filters for better data management and how to set up auto-refresh for real-time monitoring. Please make sure to follow along and try creating your own dashboards as we go through the steps together!
View Video
datadog

Strategies for accelerating a successful log migration

Apr 14, 2025 By Nicholas Thomson In Datadog
Log management becomes more challenging as both log volume and diversity rapidly grow. Yet many companies still rely on legacy log management and SIEM solutions that aren’t designed to cost-effectively or securely handle the large scale of logs today coming from sources both in the cloud and on premises.
Read Post
elastic

From endpoint to XDR: Operationalize Microsoft Defender for Endpoint data in Elastic Security

Apr 10, 2025 By Raquel Tabuyo In Elastic
Enhance your threat detection, investigation, and response by integrating Microsoft Defender for Endpoint data with Elastic Security. Many security teams often find it difficult to detect and respond to threats because of fragmented visibility and isolated endpoint data. This challenge led to the development of extended detection and response (XDR), which integrates endpoint insights with contextualized data from networks, cloud environments, and identity systems.
Read Post
graylog

Adversary Tradecraft: Apache Tomcat RCE

Apr 7, 2025 By Graylog Security In Graylog
CVE-2025-24813 is a critical vulnerability (CVSS base score of 9.8) affecting Apache Tomcat, a widely used open-source web server and servlet container. This issue affects Apache Tomcat: In this blog, we’ll simulate an attack and look at the activity within Graylog. Throughout the analysis, and at the conclusion of the post, we’ll provide practical threat-hunting and detection strategies you can implement in your own environments.
Read Post
sumologic

What is IoT Security?

Apr 3, 2025 By Adam White In Sumo Logic
Security measures aren’t keeping pace with the rate at which new technology is going to market. One of the fastest-growing segments of technology, the Internet of Things (IoT) — which includes webcams, smart thermostats, wearable health trackers, and other smart objects — is capturing the industry’s attention and growing rapidly. By 2030, the number of connected IoT devices is expected to grow to 40 billion.
Read Post
exabeam

The Story Behind Exabeam Nova: Shining a Light on Cybersecurity Threats

Apr 1, 2025 By Exabeam In Exabeam
In the high-stakes world of cybersecurity, every detail matters — including the name of the technology designed to uplevel SOC teams to protect their organizations from ever-growing, ever-evolving threats. Naming isn’t just about branding; it’s about capturing purpose, function, and vision.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.