Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SIEM

The latest News and Information on Security Incident and Event Management.

Sponsored Post

Can the EventSentry Agents cause the same outage & disruption like the CrowdStrike Falcon sensor did?

The faulty Rapid Response Content CrowdStrike update that disabled millions of Windows machines across the globe on 7/19/2024 was any IT professional’s nightmare. Having to manually visit and restore each affected machine (further complicated by BitLocker) severely limited the recovery speed, especially for businesses with remote locations, TVs, kiosks, etc.

Understanding Security Log Analytics vs. SIEM for Midsized Companies Targeted by Cybercriminals

SecOps teams at midsize companies face a unique set of challenges when it comes to managing organizational cybersecurity. Midsize companies (those with 100-999 employees and $50 million-$1 billion in annual revenue, according to Gartner) possess significant financial resources and valuable data that may be targeted by digital adversaries.

Using MITRE ATT&CK for Incident Response Playbooks

A structured approach to incident response enables you to create consistently repeatable processes. Your incident response playbook defines responsibilities and guides your security team through a list of activities to reduce uncertainty if or when an incident occurs. MITRE ATT&CK Framework outlines the tactics and techniques that threat actors use during different stages of an attack.

Monitor the security of your Snowflake instance with Datadog Cloud SIEM

Snowflake is a fully managed data platform that enables users to store, process, and analyze large volumes of data across their cloud environments. Recently, Datadog’s Security Research Team posted a threat hunting guide to help defenders ensure the security of their Snowflake instances.

Log it like you mean it: Best practices for security

Not every log is equal As solutions architects at Elastic, we receive a lot of questions around how to fine-tune a security environment, such as: The answer is often, "it depends." So, we’d like to explore the parameters behind these questions to provide you with a more comprehensive understanding of how they influence the response.

Creating an Incident Response Process

In today’s cyber threat landscape, almost everyone is one bad day away from a security incident. While not every incident becomes a data breach, security teams need to be prepared for anything. Just like that one friend who has a spreadsheet to help them organize the minute tasks associated with a project, security teams need to have a prepared list of steps to take during an incident.

IP Address Alert Investigations: Correlating and Mapping with MITRE ATT&CK

An Internet Protocol (IP) address is the digital equivalent of your home address. Your home has a unique identification number that gives information about your physical geographic location, like road, city, state, and country. An IP address provides similar information about the people and devices connected to a network.

Boosting America's digital defense: Key takeaways from the FY 2026 budget priorities

Ahead of the new US federal fiscal year beginning October 1, the Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD) released a memorandum titled Administration Cybersecurity Priorities for the FY 2026 Budget. The memo outlines a comprehensive roadmap for federal agencies and provides crucial guidance for agency heads as they formulate their fiscal year 2026 budget submissions in furtherance of the National Cybersecurity Strategy.