%term

The latest News and Information on Security Incident and Event Management.

How to choose AI security tools that actually reduce false positives

Dec 11, 2025 By David Girvin In Sumo Logic

Let’s be honest: if your SOC is drowning in noise, you’re not “doing security.” You’re babysitting tools that cry wolf. And the wolves? They’re doing just fine. Every vendor claims their AI magically cuts false positives. Most don’t. Why?

Read Post

Sumo Logic

Read more about How to choose AI security tools that actually reduce false positives

Why a People-Centric Security Strategy Improves Resilience

Dec 10, 2025 By The Graylog Team In Graylog

If Darth Vader and the rest of the Empire made one major strategic mistake, it was failing to understand the important role that the human element plays in security. Convinced of their superiority, the Empire’s leaders assumed that the Death Star was impenetrable. However, in the end, it was a scientist and his team who compromised the technology by building in a backdoor.

Read Post

Graylog

Read more about Why a People-Centric Security Strategy Improves Resilience

Logs & Lattes Episode 4: How 2025 Reshaped SOCs and What Matters in 2026

Dec 10, 2025 By Graylog In Graylog

Security teams spent 2025 operating at maximum load. Alert volume kept rising, analysts pivoted across too many tools, AI arrived faster than governance could support, and cloud costs shaped what data teams felt safe keeping. In this episode of Logs and Lattes, host Palmer Wallace and Jeff Darrington break down what actually happened inside real SOCs and how those lessons are already guiding 2026.

View Video

Graylog

Read more about Logs & Lattes Episode 4: How 2025 Reshaped SOCs and What Matters in 2026

How 2025 Reshaped SOCs and What Matters in 2026

Dec 10, 2025 By Graylog In Graylog

Security teams spent 2025 operating at maximum load. Alert volume kept rising, analysts pivoted across too many tools, AI arrived faster than governance could support, and cloud costs shaped what data teams felt safe keeping. In this episode of Logs and Lattes, host Palmer Wallace and Jeff Darrington break down what actually happened inside real SOCs and how those lessons are already guiding 2026.

View Video

Graylog

Read more about How 2025 Reshaped SOCs and What Matters in 2026

Calculating a SIEM's Total Cost of Ownership

Dec 8, 2025 By The Graylog Team In Graylog

A security information and event management (SIEM) solution aggregates and correlates data from across the organization’s complex, interconnected environment. Modern enterprise IT consists of decentralized users and applications that require organizations to implement technologies that provide visibility across disparate security solutions. Simultaneously, SIEMs have a reputation for being difficult and expensive to manage.

Read Post

Graylog

Read more about Calculating a SIEM's Total Cost of Ownership

Falcon Shield Evolves with AI Agent Visibility and Falcon Next-Gen SIEM Integration

Dec 8, 2025 By Charles Choe In CrowdStrike

CrowdStrike is introducing two powerful innovations in CrowdStrike Falcon Shield to stop identity-based attacks in the AI era: a centralized view of AI agents across platforms and the integration of first-party SaaS telemetry into CrowdStrike Falcon Next-Gen SIEM — the industry’s first native integration of SaaS security posture management (SSPM) and next-gen SIEM.

Read Post

CrowdStrike

Read more about Falcon Shield Evolves with AI Agent Visibility and Falcon Next-Gen SIEM Integration

How Exabeam Uses Its Own Security Platform to Defend Against Threats

Dec 3, 2025 By Exabeam In Exabeam

At Exabeam, we don’t just build a security operations platform — we use it to protect ourselves. In this behind-the-scenes look at the Exabeam Security Operations Center (SOC), you’ll see exactly how Exabeam uses Exabeam to secure our corporate systems, customer data, cloud environments, and internal infrastructure.

View Video

Exabeam

Read more about How Exabeam Uses Its Own Security Platform to Defend Against Threats

Secure Your AWS Cloud with Falcon Next-Gen SIEM: Seamless Integration & Intelligent Detection

Dec 2, 2025 By CrowdStrike In CrowdStrike

See how Falcon Next-Gen SIEM delivers instant, frictionless integration with AWS for full visibility in minutes. Watch how pre-built detections analyze every API call, connecting events into clear attack stories. With automated response playbooks that take immediate action, you can detect faster, respond smarter, and stop cloud threats before they spread. CrowdStrike Falcon Next-Gen SIEM: Consolidate security operations with the world’s most complete AI-native SOC platform.

View Video

CrowdStrike

Read more about Secure Your AWS Cloud with Falcon Next-Gen SIEM: Seamless Integration & Intelligent Detection

Ep 21: How to start a threat program

Dec 2, 2025 By Sumo Logic, Inc. In Sumo Logic

In this Masters of Data episode, we welcome back Chas Clawson to discuss building effective threat hunting programs from the ground up. We explore the difference between proactive threat hunting and detection engineering, emphasizing how AI tools are making sophisticated security operations accessible to teams of any size. We cover practical approaches, such as prioritizing threats based on business risk, creating feedback loops between red and blue teams, and measuring success through meaningful metrics rather than vanity numbers.

View Video

Sumo Logic

Read more about Ep 21: How to start a threat program

Sumo Logic Intelligent Security Operations Platform overview

Dec 1, 2025 By Sumo Logic, Inc. In Sumo Logic

Security workflows are broken, resulting in disconnected tools, overwhelming data, and missed threats. Discover how Sumo Logic’s Intelligent Security Operations Platform ingests all the data you need, helping you cut through the noise and focus on what matters most.

View Video