
The latest News and Information on Security Incident and Event Management.

CrowdStrike Falcon Next-Gen SIEM: AI-Generated Parsing

Tired of writing custom parsers just to make your logs usable? With CrowdStrike Falcon Next-Gen SIEM, you can automate log parsing using AI — cutting setup time from days to minutes. In this demo, see how easily you can onboard network logs, generate a parser with AI, and normalize data to the CrowdStrike Parsing Standard — all within a few clicks. CrowdStrike Falcon Next-Gen SIEM: Consolidate security operations with the world’s most complete AI-native SOC platform.

From Reactive to Ready: Automated Detections and Defense with Devo + Detecteam

Security analysts know the feeling: The all-too-familiar dread creeps in as a new exploit hits the headlines. Cyber teams worldwide brace themselves, knowing that their weekends, vacations, and carefully laid plans are likely about to go up in smoke. The first question a CISO will always ask rings in their ears: “Are we protected against this?”

Tips for choosing an AI-driven SIEM

Artificial intelligence is rewriting the rules for cybersecurity on both sides of the battle. Cloud adoption, a broadening attack surface, and AI-fueled cyber threats are driving organizations to rethink their approach to security. Discussions on the best way to adapt to a highly dynamic threat environment will naturally steer toward updating SIEM, as it is core to today’s security operations.

From Alert Fatigue to Focused Response: A New Way Forward for The SOC

We’re all exhausted—both by the problem and by hearing about it. False positives and overwhelming alert volume have long plagued security operations. And despite years of innovation, solutions have remained elusive. Alert volume. Alert fatigue. SOC burnout. This persistent problem puts security teams in a tough position: For CISOs and SOC managers, it’s a lose-lose scenario.

Threat hunting in Elastic with JOINs!

Elastic’s piped query language, ES|QL, brings joins to the party. Threat hunters rejoice! Have you been looking for a way to join data with the speed and power of Elastic? Well, we heard you! Elastic can now join data sources with a new function for the piped query language, ES|QL (Elasticsearch Query Language). This will enable robust searches that range from advanced behavior detections to alert triage and, of course, threat hunting.

Introducing Graylog 6.2: A SIEM Without Compromise

What does it really mean to have a SIEM Without Compromise? For too long, security teams have been stuck in a no-win game—forced to choose between visibility and cost, detection breadth and team capacity, automation and control. Every decision felt like a trade-off, with real-world consequences: dropped logs, missed alerts, and inconsistent response when it mattered most. With the Spring ’25 release of Graylog Security 6.2, we’re eliminating those compromises.

CrowdStrike Advances Next-Gen SIEM with Threat Hunting Across Data Sources, AI-Driven UEBA

CrowdStrike is launching new innovations to power the AI-native security operations center (SOC) and help teams hunt and resolve threats with speed and accuracy. A new solution, CrowdStrike Falcon Adversary OverWatch Next-Gen SIEM, will bring managed threat hunting to available third-party data and extend the visibility of CrowdStrike’s elite threat hunters into unmanaged attack surfaces.