The latest News and Information on Security Incident and Event Management.

Five Reasons Security Operations Teams Augment Microsoft Sentinel With New-Scale Analytics

Security operations teams face rising alert volumes, tighter staffing, and growing pressure to reduce risk without adding tools or people. If Microsoft Sentinel sits at the center of your environment, you may already see where it helps and where it starts to strain. For many teams, that moment shows up when detections lag, investigations drag, or too much work funnels to a small group of specialists.

An Introduction to the NIST Risk Management Framework (RMF)

While inherently critical to today’s businesses that run on data, implementing and enforcing data security and privacy has never been straightforward. Between collecting different types of sensitive data and deploying unique architectures, organizations cannot adopt a one-size-fits-all solution, meaning that every security architecture is unique.

The New CISO Ep. 144 - Rob Knoblauch | Your Most Valuable Skills Aren't Technical

Cybersecurity debates tend to center on tools, frameworks, and threats. But Rob Knoblauch has built a 25-year career in global security leadership by focusing on the soft skills that determine whether a CISO survives, thrives, or burns out. In this episode of The New CISO, Rob joins Steve Moore to trace the through-line from running a multi-node BBS as a kid to serving as Deputy CISO of one of the world’s largest banks — and the career lessons he’s carried through every chapter.

Securing air-gapped environments with Elastic on Google Distributed Cloud

If you are not using AI to defend against AI, you will lose. But for organizations operating in air-gapped environments, the path to AI-driven defense can be blocked by the very isolation that protects them. Today, we're announcing that Elastic Security is now the embedded security layer for Google Distributed Cloud (GDC) air-gapped environments, expanding our collaboration with Google Cloud.

OWASP Defines AI Agent Risk. Behavioral Analytics Detects It

The OWASP Top 10 for Agentic Applications defines the most common AI agent risks, but real attacks unfold across multiple stages of behavior. Behavioral analytics detects those risks by modeling how users, AI agents, and their interactions change over time. By observing deviations across inputs, processing, and outputs, security operations teams can identify insider‑driven and agent‑driven threats that traditional, event‑based detection misses.

Best Practices for Managing Hybrid Cloud Security

As a kid, fruit punch always seemed like a magical drink. A mix of orange, cherry, apple, and cranberry created a unique flavor that differed substantially from any one juice. These hybrid drinks not only quenched thirst but their complexity made it difficult to truly recreate them by hand.

Ep 39: This is your first ransomware attack, not ours

On this episode of Masters of Data, we sat down with Steven Manley, CTO of Druva, to get the unfiltered truth about ransomware: it's not a matter of if you'll be breached, but when, and bad actors are now launching hundreds of attacks at a surprisingly low cost. We dig into why attackers lurk undetected for 200-plus days, how AI is being weaponized for everything from eerily convincing voice phishing to secretly training your own AI systems against you, and why your most protected assets are rarely what gets hit first.

Claude Mythos, Project Glasswing, and the Machine-Speed Security Race

Anthropic’s latest Claude news shows how AI is compressing the time from vulnerability discovery to credentialed lateral movement, and why security teams need behavior-based detection across humans and AI agents. Anthropic’s Project Glasswing, announced on April 7, 2026, gives selected partners early access to Claude Mythos Preview for defensive cybersecurity work. Anthropic says the model has already identified thousands of zero-day vulnerabilities across critical infrastructure.

This May Be Hurting Your Incident Response Efforts...

Some of the biggest delays in incident response aren’t caused by the attacker… they’re caused by the first steps taken after discovery. A few examples of well-intentioned actions that can unintentionally slow investigations and extend recovery timelines: Resilience isn’t built during an incident. It’s built before one ever happens.