Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ten modern SIEM use cases at cloud scale

The role of SIEM has never gone away. From the beginning, it’s been the backbone of security operations: the system where logs converge, alerts are analyzed, and incidents are investigated. What’s changed is our ability to use it correctly. Legacy, traditional SIEM tools forced trade-offs. Teams filtered data at ingest, dropped logs to control costs, or siloed analytics into disconnected point tools. The result was a SIEM that felt heavy, reactive, and underwhelming.

LevelBlue Managed WAAP Enables Organizations to Solve Day 1 WAAP Implementation Challenges

Deploying Web Application and API Protection (WAAP) systems is crucial for bolstering cybersecurity defenses. Akamai reported 108 billion API attacks over an 18-month period, underscoring the value of APIs to cybercriminals. Like any new security measure, the initial deployment brings various challenges during the "Day One" process. These Day One challenges should not compromise security effectiveness or disrupt business operations.

SpiderLabs Ransomware Tracker Update September 2025: Qilin, Akira Top Ransomware Attackers

The threat groups Qilin and Akira together conducted about one-quarter of the 402 ransomware attacks tracked by Trustwave SpiderLabs in September, with the manufacturing and technology sectors receiving the brunt of these efforts. This information was derived from a new SpiderLabs ransomware tracking tool that gathers information from a variety of open intelligence sources and our own proprietary research.

AI security posture management (AI-SPM): All information in one place

As AI adoption grows, so do the related risks. Organizations are actively looking for strategies to secure their AI systems. According to Vanta’s State of Trust Report, 62% of organizations plan to boost investments in AI security in the next 12 months. ‍ However, another recent survey on AI governance reveals that more than half of organizations find it challenging to keep up with AI security developments.

Vanta signs a strategic collaboration agreement with AWS to deepen integration

We’re thrilled to announce that Vanta has signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS) to make it even easier for businesses to scale securely in the cloud. We’re expanding the reach of our compliance automation and trust management platform, enabling organizations to build stronger security programs, accelerate audit readiness, and demonstrate compliance more efficiently—all while scaling on AWS. ‍

Elevate Application Security from the Start with Static Analysis for Effective Risk Management

Securing your applications couldn’t be more important in today’s fast-moving world of software development. Organizations face mounting pressure to deliver innovative software at an accelerated pace, yet this speed must never compromise security. This is where DevSecOps becomes crucial. With threats constantly getting smarter, developers need effective tools to write secure code right from the start.

Weekly Cyber Security News 02/10/2025

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Ouch. Really ouch. Just a hop and a skip away: I suppose it is fair to point out that you need physical access to perform this. Hard, but not impossible: A win is a win.

PCI DSS 4.0.1 Checklist (2025): Automate 6.4.3 and 11.6.1

PCI DSS 4.0.1 became mandatory on March 31, 2025, bringing in 47 new requirements that fundamentally changed how compliance works. Organizations that treated PCI as an annual audit exercise now face a standard that expects real-time visibility into payment pages. Requirements 6.4.3 and 11.6.1 are the most impactful additions, which require real-time visibility into scripts and payment page changes. A spreadsheet updated quarterly can’t deliver that.