SIEM

The latest News and Information on Security Incident and Event Management.

People or AI?

Apr 24, 2023 By Jon Garside In Devo

Security teams are faced with relentless cyberattacks, and they cannot engineer defenses fast enough. SOC teams face limited visibility, insufficient context, and the inability to identify the threats that matter. Analysts are even more burned out, switching from tool to tool, frantically trying to make sense of what they are seeing.

Read Post

Devo

Read more about People or AI?

US National Security Deep Dive Pillars 2 and 3: Dismantle Threats and Shape Market Forces

Apr 21, 2023 By John Allison In Devo

Last time we looked at The US National Security Strategy Pillar 1: Defend Critical Infrastructure. Today, we are looking at Pillar 2: Disrupt and Dismantle Threat Actors and Pillar 3: Shape Market Forces to Drive Security Resilience. Preventing the attacks in Pillar 1 would not be necessary if the attackers were taken off the board.

Read Post

Devo

Read more about US National Security Deep Dive Pillars 2 and 3: Dismantle Threats and Shape Market Forces

Enhance SOC workflows with Elastic Security and Recorded Future threat intelligence

Apr 21, 2023 By Marvin Ngoma In Elastic

Security teams today need to analyze vast amounts of data from various sources, including endpoints, cloud, applications, and user activity, just to mention a few. At the same time, adversary activity is also on the rise and the threat landscape is becoming more and more complex every day. Further exacerbating the situation, security teams are strapped for resources and unable to analyze the enormous amounts of data and security alerts they receive in real time.

Read Post

Elastic

Read more about Enhance SOC workflows with Elastic Security and Recorded Future threat intelligence

How using Cloud SIEM dashboards and metrics for daily standups improves SOC efficiency

Apr 20, 2023 By Sumo Logic In Sumo Logic

When we talk about emerging technologies and digitization, we often forget that while innovators work to bring the best solutions to market, cybersecurity gurus are concurrently working to identify loopholes and vulnerabilities in these new systems. Gone are the days when cyber attacks were monthly news; instead, they happen almost daily.

Read Post

Sumo Logic

Read more about How using Cloud SIEM dashboards and metrics for daily standups improves SOC efficiency

Beyond the build: Why runtime security is critical for container protection

Apr 19, 2023 By Daniel Rohan In Elastic

Containers and microservices have changed the game: They allow organizations to ship apps faster and make better use of hardware. They encourage modular software design. And containers help teams embrace the cloud-native paradigms of scalability, mobility, and resilience. It’s safe to say that containers have shaken things up.

Read Post

Elastic

Read more about Beyond the build: Why runtime security is critical for container protection

Threat Hunting vs Incident Response for Cyber Resilience

Apr 18, 2023 By The Graylog Team In Graylog

Protecting data and protecting business continuity are both similar and different. In a data driven world, your mission as a security analyst is to prevent threat actors from gaining unauthorized access to sensitive data and systems. Simultaneously, you also need to investigate incidents rapidly, ensuring that critical services experience as little downtime as possible.

Read Post

Graylog

Read more about Threat Hunting vs Incident Response for Cyber Resilience

Automate common security tasks and stay ahead of threats with Datadog Workflows and Cloud SIEM

Apr 18, 2023 By Nicholas Thomson In Datadog

Detecting and remediating security threats is a constantly evolving concern for modern DevSecOps and security operations center (SOC) teams. Moreover, manually investigating and responding to vulnerabilities and threats is time-consuming, laborious, and knowledge-intensive.

Read Post

Datadog

Read more about Automate common security tasks and stay ahead of threats with Datadog Workflows and Cloud SIEM

Brown Bag Apr 18, 2023 - Security - Entity Groups

Apr 18, 2023 By Sumo Logic In Sumo Logic

How to Get Results faster in Sumo Cloud SIEM using Entity Groups presented by Laszlo Salamon.

View Video

Sumo Logic

Read more about Brown Bag Apr 18, 2023 - Security - Entity Groups

US National Cybersecurity Strategy Deep Dive: Defend Critical Infrastructure

Apr 12, 2023 By John Allison In Devo

This is the first post in a series on the pillars outlined in the new US National Cybersecurity Strategy. I review each pillar in turn, and then discuss how services such as Devo can help address the challenges outlined in that pillar.

Read Post

Devo

Read more about US National Cybersecurity Strategy Deep Dive: Defend Critical Infrastructure

geeks+gurus: Get real about cyber resilience

Apr 11, 2023 By Sumo Logic In Sumo Logic

Join our geeks+gurus of Sumo Logic for an interactive conversation on the current state of cybersecurity, Demonstrating value is vital. In this 25-minute conversation, Bob Layton and Chas Clawson will Get Real about Cyber Resilience. With uncertainty around a potential recession and IT budgets flattening, security teams are learning how to do more with less. Cyber attacks are becoming more complex and destructive, however, more pressure is being put on security leaders to be more efficient with their spending and to make the case for these critical investments.

View Video