SIEM

The latest News and Information on Security Incident and Event Management.

Challenges with Cybersecurity Asset Identification and Management

Nov 6, 2023 By Jeff Darrington In Graylog

Anyone who’s ever misplaced their wallet knows that horrible moment where their stomach drops, the beads of perspiration begin to form on their forehead, and they start mulling over worst-case scenarios. In that worst case scenario, someone used the cash and cards in the wallet to go on a personal spending spree. In a company’s IT environment, a missing device or shadow IT represents that missing wallet.

Read Post

Graylog

Read more about Challenges with Cybersecurity Asset Identification and Management

Applying an intelligence-based approach to Cybersecurity; SIEM and dark web monitoring

Nov 6, 2023 By Chris Mark In AT&T Cybersecurity

“History repeatedly has demonstrated that inferior forces can win when leaders are armed with accurate intelligence.” – Central Intelligence Agency; Intelligence in War In the ever-changing landscape of global cybersecurity, the boundaries between traditional military intelligence and cybersecurity are increasingly blurred. At the heart of this convergence lies the science of intelligence analysis—a process fundamental to both realms.

Read Post

AT&T Cybersecurity

Read more about Applying an intelligence-based approach to Cybersecurity; SIEM and dark web monitoring

Falcon Platform Raptor Release

Nov 6, 2023 By CrowdStrike In CrowdStrike

The next generation of the CrowdStrike Falcon® platform re-architects the platform using the same technology as CrowdStrike’s Next-Gen SIEM to unlock the future of generative AI and XDR for all. This enables you to perform lightning fast searches to hunt for threats and ingest data from sources from across your entire enterprise to detect sophisticated attacks.

View Video

CrowdStrike

Read more about Falcon Platform Raptor Release

Maximizing Data Security in the Cloud - Outperforming On Premise Solution - it-sa 2023 Keynote

Nov 6, 2023 By Sumo Logic In Sumo Logic

In an era where data breaches and cyber threats continue to escalate, businesses are seeking robust security solutions that offer a competitive edge. This session will delve into the advantages and advancements of cloud-based security systems, providing attendees with a comprehensive understanding of how cloud solutions can outshine their on-premise counterparts. We will explore the latest technologies, best practices, and real-world case studies to demonstrate the superior security measures offered by cloud-based solutions.

View Video

Sumo Logic

Read more about Maximizing Data Security in the Cloud - Outperforming On Premise Solution - it-sa 2023 Keynote

Cloud SIEM Log Parser Templates

Nov 3, 2023 By Sumo Logic In Sumo Logic

Learn about log parser templates for Sumo Logic's Cloud SIEM solution. The log parser templates provide a starting place for you to create your own parsers for your log sources. Parsers take logs from different sources and parse them into a standardized format for use in Cloud SIEM.

View Video

Sumo Logic

Read more about Cloud SIEM Log Parser Templates

EventSentry v5.1: Anomaly Detection / Permission Inventory / Training Courses & More!

Nov 2, 2023 By ingmar.koecher In EventSentry

We’re extremely excited to announce the availability of the EventSentry v5.1, which will detect threats and suspicious behavior more effectively – while also providing users with additional reports and dashboards for CMMC and TISAX compliance. The usability of EventSentry was also improved across the board, making it easier to use, manage and maintain EventSentry on a day-by-day basis. We also released 60+ training videos to help you get started and take EventSentry to the next level.

Read Post

EventSentry

Read more about EventSentry v5.1: Anomaly Detection / Permission Inventory / Training Courses & More!

Enhance your cloud security with MITRE ATT&CK and Sumo Logic Cloud SIEM

Nov 2, 2023 By Alec Kostiner In Sumo Logic

As cloud applications and services gain prominence amongst organizations, adversaries are evolving their toolset to target these cloud networks. The surge in remote work and teleconferencing presents unprecedented opportunities for nefarious activities. Enter the MITRE ATT&CK Framework, also known as a MITRE ATT&CK Matrix—a treasure trove for defending cloud infrastructure and on-premises infrastructure against the newest adversary tactics, techniques, and procedures (TTPs).

Read Post

Sumo Logic

Read more about Enhance your cloud security with MITRE ATT&CK and Sumo Logic Cloud SIEM

Okta evolving situation: Am I impacted?

Nov 2, 2023 By George Gerchow In Sumo Logic

Cybersecurity is never boring. In recent months, we’ve seen major cyberattacks on Las Vegas casinos and expanded SEC cybersecurity disclosure rules are top of mind. Is it any wonder we consistently recommend taking a proactive approach to secure your environment with a defense-in-depth strategy and appropriate monitoring? News outlets reported the recent compromise at the Identity and Authentication (IAM) firm, Okta.

Read Post

Sumo Logic

Read more about Okta evolving situation: Am I impacted?

Unpacking the new US executive order on artificial intelligence

Oct 31, 2023 By Bill Wright In Elastic

On Monday, October 30, President Biden signed the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence — the longest in history at 117 pages. The executive order (EO) aims to advance and regulate artificial intelligence (AI) in the US. This landmark order pulls together a number of priorities that influence not just the AI industry, but also society at large.

Read Post

Elastic

Read more about Unpacking the new US executive order on artificial intelligence

How to Create SIEM Correlation Rules

Oct 29, 2023 By cesmng In UTMStack

SIEM (Security Information and Event Management) systems play a crucial role in modern cybersecurity frameworks. They collate log and event data from an array of sources within an organization’s network, facilitating real-time analysis and long-term storage of this crucial information to uphold security standards. A core component of SIEM’s effectiveness lies in its correlation rules, which are designed to detect specific patterns or anomalies that might indicate a security issue.

Read Post