%term

The latest News and Information on Security Incident and Event Management.

Monitor the security of your Snowflake instance with Datadog Cloud SIEM

Jul 24, 2024 By Julie Agnes Sparks In Datadog

Snowflake is a fully managed data platform that enables users to store, process, and analyze large volumes of data across their cloud environments. Recently, Datadog’s Security Research Team posted a threat hunting guide to help defenders ensure the security of their Snowflake instances.

Read Post

Datadog

Read more about Monitor the security of your Snowflake instance with Datadog Cloud SIEM

Log it like you mean it: Best practices for security

Jul 24, 2024 By Anna Maria Modée, In Elastic

Not every log is equal As solutions architects at Elastic, we receive a lot of questions around how to fine-tune a security environment, such as: The answer is often, "it depends." So, we’d like to explore the parameters behind these questions to provide you with a more comprehensive understanding of how they influence the response.

Read Post

Elastic

Read more about Log it like you mean it: Best practices for security

Creating an Incident Response Process

Jul 23, 2024 By Jeff Darrington In Graylog

In today’s cyber threat landscape, almost everyone is one bad day away from a security incident. While not every incident becomes a data breach, security teams need to be prepared for anything. Just like that one friend who has a spreadsheet to help them organize the minute tasks associated with a project, security teams need to have a prepared list of steps to take during an incident.

Read Post

Graylog

Read more about Creating an Incident Response Process

IP Address Alert Investigations: Correlating and Mapping with MITRE ATT&CK

Jul 17, 2024 By Jeff Darrington In Graylog

An Internet Protocol (IP) address is the digital equivalent of your home address. Your home has a unique identification number that gives information about your physical geographic location, like road, city, state, and country. An IP address provides similar information about the people and devices connected to a network.

Read Post

Graylog

Read more about IP Address Alert Investigations: Correlating and Mapping with MITRE ATT&CK

Boosting America's digital defense: Key takeaways from the FY 2026 budget priorities

Jul 15, 2024 By Bill Wright In Elastic

Ahead of the new US federal fiscal year beginning October 1, the Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD) released a memorandum titled Administration Cybersecurity Priorities for the FY 2026 Budget. The memo outlines a comprehensive roadmap for federal agencies and provides crucial guidance for agency heads as they formulate their fiscal year 2026 budget submissions in furtherance of the National Cybersecurity Strategy.

Read Post

Elastic

Read more about Boosting America's digital defense: Key takeaways from the FY 2026 budget priorities

Building the foundations: A defender's guide to AWS Bedrock

Jul 11, 2024 By Anton Ovrutsky In Sumo Logic

Opinions regarding artificial intelligence (AI) range from fears of Skynet taking over to hope regarding medical advancements enabled by AI models. Regardless of where you sit on this spectrum of anxiety and hype, it is evident that the AI epoch is upon us.

Read Post

Sumo Logic

Read more about Building the foundations: A defender's guide to AWS Bedrock

Ransomware Attacks: Held Hostage by Code

Jul 10, 2024 By Devo In Devo

Data is among the most valuable assets for companies, making it a prime target for malicious actors. Ransomware attacks that seize data and demand a price for its return have become a significant concern for businesses and individuals. According to the Verizon 2024 Data Breach Investigations Report, about one-third of all breaches involved ransomware or another extortion technique. Here’s everything you need to know about ransomware and how to prevent a successful attack.

Read Post

Devo

Read more about Ransomware Attacks: Held Hostage by Code

Elastic and Google Cloud: Enhancing security analytics from data ingestion to incident response

Jul 9, 2024 By Valerio Arvizzigno, In Elastic

Elastic and Google Cloud are pioneering a comprehensive security solution that leverages our distinct capabilities to offer an unparalleled security analytics experience. This collaboration integrates the Elastic Search AI Platform with Google Cloud's scalable and secure infrastructure services to provide a comprehensive security platform designed to secure hybrid workloads efficiently.

Read Post

Elastic

Read more about Elastic and Google Cloud: Enhancing security analytics from data ingestion to incident response

The Importance of Email Security

Jul 8, 2024 By Jeff Darrington In Graylog

Back in the early days of the internet, people looked forward to hearing that deep, robotic voice announcing “you’ve got mail!” Today, whether you like it or not, email is fundamental to personal and business communications. In 2022, people sent and received an estimated 333 billion emails daily, with the number expected to increase to 392.5 billion by 2026. Experiencing a security incident on your email server can interrupt business operations leading to lost revenue.

Read Post

Graylog

Read more about The Importance of Email Security

Exabeam SIEM Overview

Jul 3, 2024 By Exabeam In Exabeam

Explore cloud-native Exabeam SIEM, part of the Exabeam Security Operations Platform. Exabeam SIEM is a scalable cloud-native offering providing advanced capabilities for log management and SIEM, using the power of generative AI to provide event context and accelerate investigations. It delivers a limitless scale to ingest, parse, store, search, and report on petabytes of data—from everywhere. Exabeam SIEM includes over 200 prepackaged correlation rules with a rule builder, allowing even new analysts to easily create, deploy, and manage environment-specific rules.

View Video