%term

The latest News and Information on Security Incident and Event Management.

Transform AWS Security Operations with Falcon Next-Gen SIEM

Dec 1, 2025 By Vicky Ngo-Lam In CrowdStrike

CrowdStrike is redefining how SOC teams turn cloud data into actionable intelligence by unifying speed, scale, and cost efficiency in one platform built for the cloud and AI era. Together with AWS, today we are announcing new integrations and consumption options designed to further simplify how customers secure and operationalize workloads on Amazon Web Services (AWS).

Read Post

CrowdStrike

Read more about Transform AWS Security Operations with Falcon Next-Gen SIEM

Datadog Cloud SIEM: Driving innovation in security operations

Dec 1, 2025 By Vera Chan In Datadog

Security can quickly become overwhelming for large organizations, with teams processing logs that are fragmented across cloud providers and SaaS platforms, staggering alert volumes, and the need to scale operations efficiently as environments grow. Datadog Cloud SIEM is designed to help teams manage this workload by centralizing insights, detecting threats faster, and prioritizing investigations with rich risk context.

Read Post

Datadog

Read more about Datadog Cloud SIEM: Driving innovation in security operations

Why a Cloud SIEM Just Makes Sense

Dec 1, 2025 By The Graylog Team In Graylog

The irony of being an adult working in IT and security is that where having your head “in the clouds” was inappropriate as a child, today most of your activities require you to have your head in the cloud. Organizations moved their business operations to the cloud because they could achieve various operational benefits, like improved collaboration and reduced costs. Yet, many companies still maintain an on-premises SIEM.

Read Post

Graylog

Read more about Why a Cloud SIEM Just Makes Sense

Fortifying Your Inbox: Advanced Email Security with Check Point & LevelBlue

Nov 27, 2025 By LevelBlue In LevelBlue

As email-based cyberattacks surge, security teams are struggling to stay ahead of increasingly sophisticated phishing, Business Email Compromise (BEC), and AI-driven social engineering. With attackers exploiting platforms like Microsoft 365, Google Workspace, OneDrive, and SharePoint, organizations face growing pressure to strengthen protection, visibility, and compliance.

View Video

LevelBlue

Read more about Fortifying Your Inbox: Advanced Email Security with Check Point & LevelBlue

MCP ROI in a New Era of AI Orchestrated Threats

Nov 26, 2025 By The Graylog Team In Graylog

Security leaders spent most of the past year testing AI driven security automation. Many discovered that the promise of fully autonomous SOC operations collided with the reality of hallucinations, opaque recommendations, and inconsistent outcomes. McKinsey research now shows that more than 80 percent of organizations have not realized meaningful results from gen AI programs.

Read Post

Graylog

Read more about MCP ROI in a New Era of AI Orchestrated Threats

Rehydrate archived logs in any SIEM or logging vendor with Observability Pipelines

Nov 26, 2025 By Zara Boddula In Datadog

Security and observability teams generate terabytes of log data every day—from firewalls, identity systems, and cloud infrastructure, in addition to application and access logs. To control SIEM costs and meet long-term retention requirements, many organizations archive a significant portion of this data in cost-optimized object storage such as Amazon S3, Google Cloud Storage, and Azure Blob Storage.

Read Post

Datadog

Read more about Rehydrate archived logs in any SIEM or logging vendor with Observability Pipelines

Detecting SHA1-Hulud: the logs must flow

Nov 26, 2025 By Daniel Kaiser In Sumo Logic

Sha1-Hulud has burrowed back into our lives, spreading rapidly and causing more destruction than ever. Named after the famous worm from the Dune franchise, this attack is also impacting global organizations. Since its first widescale spread on September 16, 2025, this worm has demonstrated its ability to propagate rapidly with high impact using the following techniques: This variant includes some new behavior, including.

Read Post

Sumo Logic

Read more about Detecting SHA1-Hulud: the logs must flow

5 Signs You've Outgrown Your Open-Source SIEM

Nov 25, 2025 By Jeff Darrington In Graylog

The evolution of your security stack is similar to the different phases of buying cars. In the beginning, you just need enough to transport a few items, maybe yourself and a few friends. The inexpensive two-door hatchback is perfect. However, as your family grows, whether with small humans or pets, you increasingly need more space and more capacity, leading to purchasing a four-door sedan or, even, a mini-van.

Read Post

Graylog

Read more about 5 Signs You've Outgrown Your Open-Source SIEM

Ep 19: The atomic habits of cybersecurity professionals

Nov 25, 2025 By Sumo Logic, Inc. In Sumo Logic

In this Masters of Data episode, we welcome back Zoe Hawkins and Roland Palmer to discuss building better security practices through small, incremental improvements personally and professionally. We emphasize regularly auditing security policies to avoid unnecessary friction that forces workarounds, treating security as sociology rather than just technology. We cover practical approaches like habit-stacking, weekly business reviews, staying informed about threats through intentional news consumption, and developing cognitive humility with security prompts.

View Video

Sumo Logic

Read more about Ep 19: The atomic habits of cybersecurity professionals

Mastering Dojo AI: How Agentic Intelligence Transforms SecOps - Customer Brown Bag - Nov 20th, 2025

Nov 21, 2025 By Sumo Logic, Inc. In Sumo Logic

Join us as Chas and Christopher review Sumo Logic's Dojo AI, our multi-agent platform designed to power proactive security and modern incident response.

View Video