Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sumo Logic

SOAR Market Guide 2022: What does the Gartner research say?

While Gartner hasn’t released the SOAR Magic Quadrant, to the delight of many SOAR enthusiasts, the highly anticipated Gartner SOAR Market Guide for 2022 is out and we are happy to announce that Sumo Logic has been included again! Even though Security Orchestration, Automation and Response (SOAR), as a relatively new security category, doesn’t have a SOAR Magic Quadrant, Gartner is already dedicating a market guide for SOAR solutions.

geeks+gurus: SOAR - No-code vs. zero-dev security automation

In this session, Enrico Benzoni interviews Dario Forte, Michele Zambelli and Andrea Fumagalli, to discuss the role of integration in SOC automation, the difference between no-code and zero-dev automation and the importance of the human factor because the quickest response to incidents is not always the right one.

geeks+gurus: Summer of Security

Join our Geeks+Gurus of Sumo Logic for an interactive conversation on the current state of cybersecurity. In this 25-minute conversation, Dana Torgersen, Enrico Benzoni and Fabian Rodriguez will touch on the latest security technologies, the latest threats, and recent questions about security and compliance spending amidst recessionary conditions.

Use new Cloud SIEM Entity Groups to make threat response more efficient

Security analysts and administrators need every advantage to keep up with prioritizing and investigating alerts. A SIEM (security information and event management) solution helps uncover threats, but it takes a lot of time assigning and updating tags, criticality, and signal suppression. Sometimes users opt to skip the step altogether, especially if there are a lot of entities to add or update at once. Other times, they introduce errors during this manual step.

SIEM vs SOAR : Evaluating security tools for the modern SOC

A common question we receive is: should security orchestration, automation and response (SOAR) replace security information and event management (SIEM)? While the two technologies share some common components, they serve different purposes. As security teams look to modernize their security operations center (SOC) to meet the demands of cloud environments, automation is the key priority. To that end, it’s vital to understand the roles of both SIEM and SOAR.

Follina - CVE-2022-30190

Monday, May 30th, 2022, Microsoft issued CVE-2022-30190 for a Remote Code Execution vulnerability with the Microsoft Support Diagnostic Tool (MSDT) in Windows: “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application.

Why end-to-end visibility is critical to secure your apps in a serverless world

One of the universal truths in technology is that security always lags behind innovation. Companies must move quickly as they seek to innovate, increase efficiencies and be disruptive in ever-crowded markets. Living on the bleeding edge means you will get a few cuts, but the risk of not adopting new technologies is greater than those of a few system failures or breaches. One challenge is that it is often not apparent what new risks exist until boundaries are pushed.

Zero Trust goes beyond standard security

Zero Trust is a modern, strategic approach to cybersecurity that secures organizations by eliminating implicit trust and continuously validating all interactions and experiences. Zero Trust moves cyber defenses from static, network-based perimeters to focus on users, assets, applications and resources without any implicit trust to enhance posture and reduce risk. At its core, Zero Trust is a perimeterless security approach.