Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SIEM

The latest News and Information on Security Incident and Event Management.

sumologic

How AI will impact cybersecurity: the beginning of fifth-gen SIEM

Apr 16, 2024 By Christopher Beier In Sumo Logic
The power of artificial intelligence (AI) and machine learning (ML) is a double-edged sword — empowering cybercriminals and cybersecurity professionals alike. AI, particularly generative AI’s ability to automate tasks, extract information from vast amounts of data, and generate communications and media indistinguishable from the real thing, can all be used to enhance cyberattacks and campaigns.
Read Post
elastic

Zero Trust requires unified data

Apr 15, 2024 By Woody Walton, In Elastic
It’s vital to have a common understanding and shared context for complex technical topics. The previously adopted perimeter model of security has become outdated and inadequate. Zero Trust (ZT) is the current security model being designed and deployed across the US federal government. It’s important to point out that ZT is not a security solution itself. Instead, it’s a security methodology and framework that assumes threats exist both inside and outside of an environment.
Read Post
CrowdStrike

CrowdStrike Falcon Next-Gen SIEM Unveils Advanced Detection of Ransomware Targeting VMware ESXi Environments

Apr 15, 2024 By Christopher Miller In CrowdStrike
CrowdStrike Falcon Next-Gen SIEM, the definitive AI-native platform for detecting, investigating and hunting down threats, enables advanced detection of ransomware targeting VMware ESXi environments. CrowdStrike has observed numerous eCrime actors exploiting ESXi infrastructure to encrypt virtual machine volumes from the hypervisor to deploy ransomware in organizations. Access to ESXi infrastructure typically takes place as part of lateral movement.
Read Post

Top 5 Myths About API Security and What To Do Instead

Apr 15, 2024 By Graylog In Graylog
Discover the top five myths about API security and learn the effective strategies for protecting your digital assets. Understand why attacks are common, the limitations of perimeter security, and the importance of a zero trust model in this comprehensive overview. Uncover the realities of API security, from the prevalence of attacks to the challenges of relying on perimeter defenses. Learn why a zero trust approach and better developer engagement are key to robust API protection.
View Video

Graylog V6 and SOC Prime: Cyber Defense with MITRE Framework Webinar

Apr 11, 2024 By Graylog In Graylog
Insights from Graylog and SOC Prime Join us for an exclusive session where we unveil the integrations between Graylog, a comprehensive log management solution, and SIEM, and SOC Prime’s Platform for collective cyber defense. Discover how integrating these solutions transforms your approach to security, providing a robust foundation for crisis management and resilience against cyber threats.
View Video

Elastic Security | AI Assistant Demo

Apr 11, 2024 By Elastic In Elastic
Elastic AI Assistant can provide real-time, personalized alert insights — empowering security teams to stay one step ahead in the ever-evolving threat landscape. With the power of large language models (LLMs), the AI Assistant can process multiple alerts simultaneously, offering an unprecedented level of insight and customization. You can interact with your data by asking complex questions and receiving context-aware responses tailored to your needs. Watch this demo from James Spiteri, Director of Product Management at Elastic to see what's new in the Elastic AI Assistant in Elastic Security 8.12.
View Video
graylog

The Ultimate Guide to Sigma Rules

Apr 9, 2024 By Jeff Darrington In Graylog
In cybersecurity as in sports, teamwork makes the dream work. In a world where security analysts can feel constantly bombarded by threat actors, banding together to share information and strategies is increasingly important. Over the last few years, security operations center (SOC) analysts started sharing open source Sigma rules to create and share detections that help them level the playing field.
Read Post
elastic

Tracing history: The generative AI revolution in SIEM

Apr 9, 2024 By Mike Nichols, In Elastic
The cybersecurity domain mirrors the physical space, with the security operations center (SOC) acting as your digital police department. Cybersecurity analysts are like the police, working to deter cybercriminals from attempting attacks on their organization or stopping them in their tracks if they try it. When an attack occurs, incident responders, akin to digital detectives, piece together clues from many different sources to determine the order and details of events before building a remediation plan.
Read Post
elastic

5 reasons why observability and security work well together

Apr 8, 2024 By Jennifer Ellard, In Elastic
Site reliability engineers (SREs) and security analysts — despite having very different roles — share a lot of the same goals. They both employ proactive monitoring and incident response strategies to identify and address potential issues before they become service impacting. They also both prioritize organizational stability and resilience, aiming to minimize downtime and disruptions.
Read Post

AT&T DDoS Defense Portal Email Alert Video

Apr 8, 2024 By AT&T Cybersecurity In AT&T Cybersecurity
In this video, you'll learn about AT&T DDoS Defense Service Alert Emails. We'll also give you an overview of the investigation process. For any high severity alerts, which are caused by traffic exceeding thresholds in protected zones, the DDoS Defense Service sends an alert email to your contacts. At the same time, a ticket is created for the AT&T Threat Management Team to investigate the alert.
View Video
Subscribe to SIEM

Copyright © 2024 OpsMatters™. All rights reserved.