Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SIEM

The latest News and Information on Security Incident and Event Management.

EventSentry on GitHub: PowerShell module, templates and more!

Since we’ve accumulated a lot of resources around EventSentry that are updated frequently, we’ve decided to launch a GitHub page where anyone can access and download scripts, configuration templates, screen backgrounds and our brand-new PowerShell module that is still under development.

Ransomware Attacks in 2021 And How To Prevent Them

In the last two years, ransomware attacks have drastically increased, and their impact on the organization has become bigger. Bitdefender reports that ransomware attacks increased by 485% in 2020. In this video, we will review what is a ransomware attack and how it spreads across the organization's assets, as well as what types of companies usually get hit by attackers, and how to minimize the risk of getting infected.

XDR: What Next-Gen SIEM Would Have Been

It’s easy to get lost in product categories in security these days. And XDR (eXtended Detection and Response) is a new addition to the landscape, which makes people wonder – what exactly is that? We’ve previously held that XDR and SIEM are effectively the same thing, although many vendors and Gartner analysts would probably disagree.

Is All Data Security Data?

There’s an old expression: When you’re a hammer, everything looks like a nail. Therefore, is it right for a security company such as Devo to consider all data security data? Let’s examine that concept. Recently I participated in a panel discussion at the GDS Security Insight Summit Europe with my colleague Dean Robertson who heads solution engineering for Devo in EMEA.

Threat Hunting with Cloud SIEM

Threat hunting is emerging as a must-have addition to cybersecurity strategies. By enabling organizations to find and mitigate threats before they ever touch their networks or systems, threat hunting provides the basis for a more proactive security posture – and one that delivers higher ROI on security tools and processes. How can businesses actually add threat hunting to their security arsenals? That’s where solutions like Sumo Logic's Cloud SIEM come in.

New Devo report shows organizations how to embrace the cloud for better security outcomes

Devo recently published a new research report Beyond Cloud Adoption: How to Embrace the Cloud for Security and Business Benefits, based on a survey conducted by Enterprise Strategy Group (ESG). ESG surveyed 500 IT and security professionals working in the security operations center (SOC) chain of command at organizations with more than 1,000 employees in North America and Western Europe. The survey took place in the first quarter of 2021. This is the first in a series of posts about the report.

Proprietary vs Open Source: Which Software is Better for Your Company Security? (Webinar Cuts)

Proprietary and open source security products each have their own benefits. Proprietary products often have a smaller learning curve which can lead to more efficient learning and operational practices. Open source products can be deployed by anyone without the need for licenses and/or commitments which is ideal for organizations that rely on a wide range of third parties to provide services and products.

Press Release: LogSentinel is among The CyberTech100 pioneering companies helping financial institutions

8th June 2021 Naarden, Netherlands – LogSentinel, the innovative next-gen SIEM provider, announced that it was included in the annual list of the world’s most innovative providers of cybersecurity solutions for the financial sector – CyberTech100. “We are thrilled that LogSentinel SIEM, our flagship product, was recognized by FinTech Global as one of the top 100 information security products for the financial industry.

See how to Amplify your SIEM by Integrating with the ThreatQ Platform

SIEMs have been around for decades, designed to replace manual log correlation to identify suspicious network activity by normalizing alerts across multiple technology vendors. SIEMs correlate massive amounts of data from the sensor grid (your internal security solutions, mission-critical applications and IT infrastructure). As organizations are looking at ways to mine through SIEM data to find threats and breaches, they are bringing in threat intelligence feeds to help.