The latest News and Information on Security Incident and Event Management.

This May Be Hurting Your Incident Response Efforts...

Some of the biggest delays in incident response aren’t caused by the attacker… they’re caused by the first steps taken after discovery. A few examples of well-intentioned actions that can unintentionally slow investigations and extend recovery timelines: Resilience isn’t built during an incident. It’s built before one ever happens.

92% of security leaders say their SIEM is effective. 51% say it's exceptional. What's living in that gap?

If you hear that a product is 92% effective, you’d assume it’s operating as intended. It seems like a success story. But dig a little deeper, and the picture changes: only 51% say that their security information and event management (SIEM) is very effective. What does it mean when a majority of security teams rely on a tool that works, but doesn’t work well enough? Not broken, not exceptional. It’s somewhere in between.

How Lean Security Teams Stay Ahead of AI-Powered Attacks

In “Terminator 2”, the T-800 does not win because humans worked harder. It wins because the same machine capability that made it dangerous was reprogrammed to fight for the defenders. Project Glasswing is exactly that. Claude Mythos Preview is Anthropic’s most powerful AI model and the one they refused to release publicly because it autonomously found thousands of zero-day vulnerabilities across every major operating system and browser: flaws that decades of expert review never caught.

Ep 38: Wheels up, systems down: cybersecurity at cruising altitude

In this episode of Masters of Data, we buckle up and explore the staggering technological complexity behind the airline industry, from managing IoT devices across global fleets to navigating the data chaos of mergers and acquisitions. We dig into the delicate balance airlines strike between aging legacy systems and risky upgrades, and why getting that wrong isn't just costly but potentially catastrophic. We also look at how forward-thinking airlines are turning operational logs into real business wins, all while safeguarding the mountains of sensitive passenger data they collect every day.

How To Build an Effective IT Disaster Recovery Plan

When weather forecasters predict hurricanes and blizzards, people rush to the grocery store for bread, milk, snacks, and water. While the snacks may be part of the storm preparation, the bread, milk, and water are part of the post-storm recovery. People know that they may experience power outages, water service disruption, or difficulty getting to stores. In short, the people plan how to recover in a disaster’s aftermath.

Add Context, Risk Scoring, and Automation to Microsoft Sentinel

Microsoft Sentinel gives security operations teams visibility into activity across Microsoft environments. As those environments grow, many teams start looking for deeper behavioral context, more consistent investigations, and ways to reduce manual work without replacing what already works. That’s where the Exabeam Microsoft Sentinel Collector comes in.

What is the OWASP Top 10 for LLM Application Security?

Initially published by the Open Worldwide Application Security Project (OWASP) in 2023, the Top 10 for LLM Application Security list seeks to bridge the gap between traditional application security and the unique threats related to large language models (LLMs). Even where the vulnerabilities listed have the same names, the Top 10 for LLM Application Security focuses on how threat actors can exploit LLMs in new ways and potential remediation strategies that developers can implement.

Your AI SOC still needs a SIEM. Here's why that won't change.

Everyone is building sophisticated intelligence layers with improved models and smarter agents to automate threat detection, investigation, and response. It’s what is needed in order to mature into an AI SOC. However, the organizations seeing the most value from AI in their SOC are not focusing solely on the intelligence layer. They’re focusing on the data foundation first.