%term

The latest News and Information on Security Incident and Event Management.

Hunting with Elastic Security: Detecting covert data exfiltration

Mar 12, 2025 By Justin Higdon In Elastic

Not all network traffic is what it seems. Some flows conceal secrets, quietly exfiltrating sensitive data beyond your defenses. MITRE ATT&CK T1048 - Exfiltration Over Alternative Protocol is a stealth technique adversaries use to smuggle data out of your environment by bypassing traditional security controls.

Read Post

Elastic

Read more about Hunting with Elastic Security: Detecting covert data exfiltration

Public sector data stewardship for the AI era

Mar 12, 2025 By Darren Meiss In Elastic

Artificial intelligence (AI) and generative AI (GenAI) are rapidly transforming the public sector, moving beyond theoretical possibilities to real-world applications. Proper data preparedness, stewardship, and governance will play critical roles in successful GenAI implementations. We recently hosted a webinar, Public sector data stewardship for the AI era, with industry experts Max Klaps, research director at IDC, and Dave Erickson, distinguished architect at Elastic.

Read Post

Elastic

Read more about Public sector data stewardship for the AI era

The missing piece of your Zero Trust strategy: A unified data layer

Mar 11, 2025 By Michael Young In Elastic

How public sector agencies can solve Zero Trust challenges and break down silos with a unified data layer In the evolving and complex cyber landscape, the Zero Trust approach is instrumental in addressing both internal and external threats. It's a comprehensive strategy rather than a single solution, demanding the orchestration of multiple components to be genuinely effective.

Read Post

Elastic

Read more about The missing piece of your Zero Trust strategy: A unified data layer

The Akira ransomware exploit: Detecting IoT-based threats with Sumo Logic

Mar 11, 2025 By Brandon Borodach In Sumo Logic

In a recent and sophisticated cyberattack, the Akira ransomware group leveraged an unsecured Linux-based webcam to infiltrate a corporate network. By exploiting this overlooked IoT device, the attackers successfully bypassed traditional Endpoint Detection and Response (EDR) solutions, ultimately encrypting network shares and causing widespread damage.

Read Post

Sumo Logic

Read more about The Akira ransomware exploit: Detecting IoT-based threats with Sumo Logic

Identify gaps to strengthen detection coverage with the Datadog Cloud SIEM MITRE ATT&CK Map

Mar 10, 2025 By Amanda Quach In Datadog

Security analysts need clear visibility into potential threats to proactively defend against cyberattacks. Defining these threats can be challenging, but many security teams rely on the MITRE ATT&CK framework as a foundational resource for strengthening their defenses. While security platforms tag detections with MITRE ATT&CK tactics and techniques, analysts often struggle to assess their overall coverage across different attack surfaces.

Read Post

Datadog

Read more about Identify gaps to strengthen detection coverage with the Datadog Cloud SIEM MITRE ATT&CK Map

Endpoint Security Management | 24/7 Protection for Every Device by LevelBlue

Mar 10, 2025 By LevelBlue In LevelBlue

It’s not a matter of if your organization will face a cyberattack – it’s when. Our experts provide 24/7 endpoint security management, helping you defend your devices from advanced threats with automated solutions and expert support. Our Endpoint Security Solutions Include: • Endpoint Detection and Response (EDR) Why Choose LevelBlue? 24/7 Monitoring & Support Tailored Endpoint Security Solutions Expert Threat Intelligence & Response Flexible Protection Across Devices & Platforms.

View Video

LevelBlue

Read more about Endpoint Security Management | 24/7 Protection for Every Device by LevelBlue

Monitoring for PCI DSS 4.0 Compliance

Mar 10, 2025 By The Graylog Team In Graylog

Any company that processes payments knows the pain of an audit under the Payment Card Industry Data Security Standard (PCI DSS). Although the original PCI DSS had gone through various updates, the Payment Card Industry Security Standards Council (PCI SSC) took feedback from the global payments industry to address evolving security needs.

Read Post

Graylog

Read more about Monitoring for PCI DSS 4.0 Compliance

Elastic Security wins AV-Comparatives 2024 Enterprise Approved Product Award

Mar 6, 2025 By Tamarian Del Conte In Elastic

Awarded for outstanding protection, performance, and minimal false positives. Elastic Security has earned AV-Comparatives’ 2024 Approved Product Award in the Enterprise Main-Test Series. The honor reflects its outstanding malware defense, optimal system performance, and minimal false positives. Excelling across protection, performance, and false-positive benchmarks, Elastic Security has proven its ability to safeguard organizations without compromise.

Read Post

Elastic

Read more about Elastic Security wins AV-Comparatives 2024 Enterprise Approved Product Award

EventSentry v5.2: Processes, Security & Inventory

Mar 5, 2025 By ingmar.koecher In EventSentry

The latest iteration of EventSentry adds many powerful security features, continuing to enhance EventSentry’s ability to improve the security of Windows-based networks by strengthening its foundation and detecting suspicious behavior.

Read Post

EventSentry

Read more about EventSentry v5.2: Processes, Security & Inventory

The Log360 security platform: Thinking outside the logs

Mar 5, 2025 By IT Security In ManageEngine

We’re excited to announce the evolution of our SIEM solution, Log360, into a unified security platform. ManageEngine Log360 has adopted an open API-compatible architecture, allowing for expanded capabilities, seamless integration, and the ability to customize both data reporting and the underlying framework. This upgrade empowers you to extend the solution beyond its predefined functionalities, helping you unify and streamline security operations.

Read Post