%term

The latest News and Information on Security Incident and Event Management.

SIEM Requirements for MSPs: What You Need to Get Right

Dec 23, 2025 By SafeAeon Inc. In SafeAeon

SIEM is a streamlined tool used by managed service providers (MSPs) to monitor activity across their clients’ systems in real time. The tool brings security data into one place. This makes it easier to spot suspicious activity early and respond quickly if something goes wrong. SIEM provides MSPs with a single, clear view of their environment to improve day-to-day monitoring. It also takes less time to investigate security incidents.

Read Post

SafeAeon

Read more about SIEM Requirements for MSPs: What You Need to Get Right

2025 Security Trends That Defined the SOC and What 2026 Will Demand

Dec 19, 2025 By Jeff Darrington In Graylog

2025 exposed a shift that had been forming for years. Security operations were not slowed by limited visibility or weak tooling. They were slowed because the effort required to interpret growing volumes of data increased faster than staffing, budgets, or governance frameworks could support. Alert queues expanded, dashboards multiplied, cloud bills shaped retention choices, and AI arrived before most organizations had clear policies to supervise it. It was not a talent problem.

Read Post

Graylog

Read more about 2025 Security Trends That Defined the SOC and What 2026 Will Demand

Understanding Ransomware Email Threats

Dec 18, 2025 By Jeff Darrington In Graylog

The Ransomware-as-a-Service (RaaS) ecosystem has changed the look and shape of modern day ransomware attacks. Malicious actors typically view their cybercrimes as a business, hoping to make the most amount of money with the least amount of effort. For example, according to research, AI-automated phishing attacks performed similarly to human generated ones and 350% better than the ones sent to the control group.

Read Post

Graylog

Read more about Understanding Ransomware Email Threats

The SOC Analyst Agent: Bring an Agentic approach to work with your SOC team

Dec 17, 2025 By Oren Shevach In Sumo Logic

For years, security teams have dealt with the challenges of alert fatigue, endless tools and data sources, and constant context switching. But, so far, we haven’t been able to significantly improve it with traditional tools. However, new agentic approaches can start providing improved gains. This begins to change the way SOC teams operate and approach managing their talent.

Read Post

Sumo Logic

Read more about The SOC Analyst Agent: Bring an Agentic approach to work with your SOC team

Understanding the Department of Justice (DOJ) Data Security Program

Dec 16, 2025 By The Graylog Team In Graylog

On April 8, 2025, the National Security Division (NSD) of the US Justice Department (DOJ) implemented the Data Security Program (DSP).

Read Post

Graylog

Read more about Understanding the Department of Justice (DOJ) Data Security Program

Ep 23: How to bootstrap your AppSec program

Dec 16, 2025 By Sumo Logic, Inc. In Sumo Logic

On this episode of Masters of Data, Adam sits down with Zoe Hawkins and David Girvin to talk AppSec programs that don't suck. David's hot take from his 1Password and Red Canary days? AppSec is a people problem, not a tooling problem—stop being the person devs dodge at standup. We cover the essentials: build relationships first, threat model based on actual business risk (not your anxiety), and ditch the "shift left" obsession with scanning everything. Instead, start with offensive testing that finds vulnerabilities attackers can actually exploit.

View Video

Sumo Logic

Read more about Ep 23: How to bootstrap your AppSec program

Fireside Chat: LevelBlue + Tenable Partnership - Unlimited Vulnerability Scanning at No Cost

Dec 16, 2025 By LevelBlue In LevelBlue

Discover how LevelBlue and Tenable are transforming cybersecurity in this exclusive fireside chat featuring Michael Vaughn, Director of Product Management at LevelBlue, and Greg Goetz, VP of Global Strategic Partners at Tenable.

View Video

LevelBlue

Read more about Fireside Chat: LevelBlue + Tenable Partnership - Unlimited Vulnerability Scanning at No Cost

Questions to ask before vetting an AI agent for your SOC

Dec 16, 2025 By Margaret Selid In Sumo Logic

So you’re ready to “hire” an agent or two for security operations. While AI agents won’t replace your human analysts, they are quickly becoming indispensable team members. Choosing the right ones should resemble a typical hiring process: you need to determine if they possess the necessary skills to fill your team’s gaps, work effectively with others, and grow with your organization. Here are five questions worth asking before you bring an AI agent on board in your SOC.

Read Post

Sumo Logic

Read more about Questions to ask before vetting an AI agent for your SOC

Platform enhancements strengthening security across every child org

Dec 16, 2025 By Margaret Selid In Sumo Logic

Multi-org environments introduce complexity that most tools simply weren’t built for. Analysts are often forced to jump between different orgs, duplicate configuration work, and maintain parallel dashboards, alerts, and content–inefficiencies that increase risk, overhead, and time-to-response. Every minute spent managing infrastructure is one you’re not spending serving your clients or responding to threats.

Read Post

Sumo Logic

Read more about Platform enhancements strengthening security across every child org

The only vendor standing: Elastic's clean sweep in 2025 AV-Comparatives Tests

Dec 15, 2025 By Roxana Gheorghe In Elastic

In the current threat landscape, the margin for error is nonexistent. According to the IBM Cost of a Data Breach Report 2025,1 the average cost of a data breach in the US has surged to a record $10.22 million — a 9% increase from the previous year. For security teams, this reality creates a high-pressure environment where every missed signal or allowed compromise can spiral into a headline-making crisis.

Read Post