Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SIEM

The latest News and Information on Security Incident and Event Management.

graylog

What is NIST 800-53?

Sep 27, 2024 By Jeff Darrington In Graylog
Imagine compliance is like a driving application. You know your location and you plug in the destination address, then it shows you the route’s overview. If you want a more specific map, you can zoom in a bit and get more details. Similarly, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and it’s most recent revision provide the overview roadmap for your compliance journey.
Read Post
sumologic

Being forced to migrate from IBM QRadar to PAN XSIAM? Know the pitfalls

Sep 26, 2024 By Vaishnavi Shyamkrishnan In Sumo Logic
Palo Alto Networks acquired IBM QRadar SaaS assets, leaving several organizations in limbo and uncertain about the future of their security information and event management (SIEM). Security teams grapple with a complex and potentially disruptive transition as Palo Alto Networks pushes and even mandates migration to its relatively new XSIAM platform.
Read Post
devo

Navigating the SIEM Consolidation: Key Questions

Sep 25, 2024 By Devo In Devo
The SIEM market is in flux. Mergers, acquisitions, and vendors leaving the space are creating uncertainty for organizations that rely on SIEMs as the cornerstone of their security operations. If your organization is feeling the ripple effects of this consolidation, it’s time for a SIEM checkup. This means critically examining your current SIEM stack and vendor relationship to ensure they’re still serving your evolving security needs.
Read Post
graylog

Logs in a SIEM: The Liquid Gold of Cybersecurity

Sep 25, 2024 By Jeff Darrington In Graylog
Devices, applications, and systems logs are needed to detect, analyze, and mitigate cybersecurity threats. Logs in a SIEM are like gold; they are both valuable. Gold is part of the economy, and logs are part of the IT ecosystem and are the foundation for cybersecurity. Here’s why they compare to liquid gold!
Read Post
elastic

Encryption at rest in Elastic Cloud: Bring your own key with Google Cloud

Sep 25, 2024 By Jonathan Simon, In Elastic
Now that we’ve introduced Elastic Cloud encryption at rest and walked you through setting it up in AWS and Azure, it’s time to get you set up in Google Cloud. In this final blog of the series, we will explain how encryption at rest works with Google Cloud Key Management Service (KMS) and then show you how to apply a Google Cloud KMS key to an Elastic Cloud Hosted deployment for encrypting data and snapshots at rest.
Read Post

Falcon Next-Gen SIEM - Detection Posture Management & Workflow Automation Enhancements

Sep 24, 2024 By CrowdStrike In CrowdStrike
Crowdstrike's new detection posture management dashboard lets you visualize your detection posture like never before. Once you understand your current posture, the Falcon Platform empowers you to streamline prescriptive countermeasures in your workflows with the latest releases in Falcon Fusion. Our content library contains an ever growing collection of applications, actions, triggers, and playbooks that help you break down silos between teams and technologies. These innovations make it even more efficient for you and your team to respond faster than the adversaries, and ultimately stop the breach.
View Video
sumologic

Safeguarding your future: enhancing cybersecurity while defending your budget

Sep 19, 2024 By JT Rakitan In Sumo Logic
As budget cycles increasingly force teams to tighten their belts, proving the value of vital technology is key. It’s not enough to showcase how the security operations center (SOC) is improving security posture and defending against threats, you also need to highlight how this boosts ROI. As highlighted in an IDC webinar and white paper, organizations using Sumo Logic have experienced an exceptional return on investment and a rapid payback period.
Read Post
CrowdStrike

CrowdStrike Next-Gen SIEM Innovations Slash Response Time and Simplify SIEM Migrations

Sep 18, 2024 By Kasey Cross In CrowdStrike
Are your legacy technologies slowing down your security operations? You’re not alone. Seventy percent of critical incidents take over 12 hours to resolve. Legacy SIEMs burden security teams with endless manual processes and agonizingly slow search speeds, delaying investigation and response while increasing the risk of a breach. The future of security requires next-gen SIEM technology built for scale and speed, powered by automation and AI.
Read Post
elastic

Elastic named a Leader in IDC MarketScape: Worldwide SIEM for Enterprise 2024

Sep 18, 2024 By Mark Settle In Elastic
Elastic has been recognized as a Leader in the IDC MarketScape for Worldwide SIEM for Enterprise 2024 Vendor Assessment. Elastic Security modernizes threat detection, investigation, and response with AI-driven security analytics — the future of SIEM. It is the tool of choice for SOC teams because it eliminates blind spots, boosts practitioner productivity, and accelerates SecOps workflows.
Read Post
devo

Insider Threats: The Danger Within

Sep 17, 2024 By Devo In Devo
Cyberattacks by hacking groups using ransomware and other tactics dominate the headlines, but the risks posed by individuals within an organization can be just as, if not more, damaging. CISA defines an insider threat as the possibility that authorized personnel will use their access, either intentionally or unintentionally, to harm an organization’s mission, resources, information, systems, or other assets.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.