SIEM

The latest News and Information on Security Incident and Event Management.

AT&T DDoS Portal Contacts Management Video

Apr 8, 2024 By AT&T Cybersecurity In AT&T Cybersecurity

In this video, you'll learn about AT&T DDoS Defense Service contact management and how the company administrator adds a new contact. Contacts are notified in the event of a DDoS attack. So it's important to keep the contacts list up to date and accurate.

View Video

AT&T Cybersecurity

Read more about AT&T DDoS Portal Contacts Management Video

Graylog and SOC Prime Form Exclusive Partnership to Make Threat Detection and Response More Effective and Efficient

Apr 3, 2024 By Graylog In Graylog

Collaboration significantly enhances enterprise cybersecurity posture within hours.

Read Post

Graylog

Read more about Graylog and SOC Prime Form Exclusive Partnership to Make Threat Detection and Response More Effective and Efficient

Does Your SIEM Offer Enough Flexibility? Questions to Ask

Apr 2, 2024 By Devo In Devo

When evaluating a SIEM, two key factors stand out: flexibility in data handling and open architecture. These two elements significantly enhance a platform’s efficiency and adaptability in managing cybersecurity threats. Whether you’re evaluating your current SIEM or looking for a more modern solution, here are five questions to ask to gauge its flexibility.

Read Post

Devo

Read more about Does Your SIEM Offer Enough Flexibility? Questions to Ask

Responding to CVE-2024-3094 - Supply chain compromise of XZ Utils

Apr 1, 2024 By Anton Ovrutsky In Sumo Logic

It seems as though responders cannot catch a break when it comes to 0-day vulnerabilities and supply chain compromise avenues. On March 29th, 2024, the Cybersecurity & Infrastructure Security Agency published an alert regarding a supply chain compromise of the XZ Utils package. At time of writing, there is no information regarding exploitation of the vulnerability and follow-on post-compromise activity.

Read Post

Sumo Logic

Read more about Responding to CVE-2024-3094 - Supply chain compromise of XZ Utils

Threat Detection, Investigation, and Response (TDIR) with Sumo Logic - March 28th

Mar 29, 2024 By Sumo Logic In Sumo Logic

Join us as Chas and Christopher teach how Sumo Logic Cloud SIEM helps with TDIR.

View Video

Sumo Logic

Read more about Threat Detection, Investigation, and Response (TDIR) with Sumo Logic - March 28th

SIEM in Seconds - Splunk Enterprise Security Auto Refresh and Timeline of Notable Events

Mar 28, 2024 By Splunk In Splunk

SOC analysts are overwhelmed sifting through a sea of notable events. They are unable to prioritize events and act fast. With Auto Refresh in the Incident Review interface, users will not have to re-run the Incident Response search or refresh the page. Furthermore, an interactive timeline for notable events within the Incident Response interface enables the SOC to quickly prioritize critical incidents.

View Video

Splunk

Read more about SIEM in Seconds - Splunk Enterprise Security Auto Refresh and Timeline of Notable Events

SIEM in Seconds - Splunk Enterprise Security Enhanced Risk Analysis Dashboard

Mar 28, 2024 By Splunk In Splunk

With the enhanced risk analysis dashboard in Splunk Enterprise Security, security analysts can now monitor user entity risk events from detections across risk-based alerting and behavioral analytics, which provides a deeper, and more holistic, layer of visibility across all detection events.

View Video

Splunk

Read more about SIEM in Seconds - Splunk Enterprise Security Enhanced Risk Analysis Dashboard

SIEM in Seconds - Streamline Investigations with Splunk Enterprise Security

Mar 28, 2024 By Splunk In Splunk

A SOC analyst's day-to-day tasks involve investigating notable events to gather information about security incidents. Recent enhancements within the Incident Review and Risk Analysis dashboards in Splunk Enterprise Security allows analysts to streamline their investigation process and reduce the number of manual tasks they perform daily. Multiple drill-down searches on correlation rules, updates to "dispositions" in the Incident Review dashboard, and hyperlinks in Correlation Search “Next Steps” allow for faster, more efficient investigations.

View Video

Splunk

Read more about SIEM in Seconds - Streamline Investigations with Splunk Enterprise Security

Building the Modern SOC: How CrowdStrike Deployed Next-Gen SIEM to Increase Search Speed by 150x and Find Issues in Seconds

Mar 27, 2024 By Kasey Cross In CrowdStrike

Imagine you’re up against the world’s most advanced adversaries — those that use automation and AI, can drop malware in seconds and break out from compromised endpoints to navigate target environments in just over two minutes. This is a day in the life of a CrowdStrike SOC engineer.

Read Post

CrowdStrike

Read more about Building the Modern SOC: How CrowdStrike Deployed Next-Gen SIEM to Increase Search Speed by 150x and Find Issues in Seconds

Meeting Compliance Regulations with SIEM and Logging

Mar 27, 2024 By The Graylog Team In Graylog

SIEM and log management provide security to your organization; these tools allow your security analysts to track events such as potential and successful breaches of your system and react accordingly. Usually, it doesn’t matter how you ensure your organizational safety as long as you do. However, is your organization in the health, financial, or educational industry?

Read Post