SIEM

The latest News and Information on Security Incident and Event Management.

Google Chronicle vs. Splunk: An Insider's Perspective on Features, Pricing, and User Experience

Dec 1, 2024 By Cybriant In Cybriant

Cloud technology has come a very long way over the years, and about 87% of Fortune 500 companiescurrently use at least one cloud computing platform. Google Chronicle and Splunk are cloud services that are designed to allow organizations to privately retain, analyze, and search through security and network elements. An enterprise can use them to organize and analyze data to provide insights and context on risky activity. You can look at Google Chronicle vs.

Read Post

Cybriant

Read more about Google Chronicle vs. Splunk: An Insider's Perspective on Features, Pricing, and User Experience

Demystifying Kubernetes for Security Analytics: Enhancing TDIR for Cloud Deployments

Nov 26, 2024 By Graylog In Graylog

Kubernetes has revolutionized cloud applications, enabling them to function as microservices distributed across global clusters, significantly enhancing fault tolerance, high availability, and cost efficiency. However, with this great power comes the critical responsibility of maintaining security and observability. Despite its many strengths, Kubernetes lacks a built-in centralized log store, relying instead on third-party plugins for this essential functionality.

View Video

Graylog

Read more about Demystifying Kubernetes for Security Analytics: Enhancing TDIR for Cloud Deployments

Navigating the Cybersecurity Risks of Illicit Streaming Devices

Nov 26, 2024 By Jeff Darrington In Graylog

Illicit streaming devices have become an unnoticed yet significant threat in many households and corporate environments. These devices, often advertised with wild promises of free access to premium content, have a dark side that many users might not be aware of. They operate much like the “black boxes” of the 1990s, offering access to pay-per-view events and premium channels at suspiciously low costs.

Read Post

Graylog

Read more about Navigating the Cybersecurity Risks of Illicit Streaming Devices

Do You Need IDS and IPS?

Nov 25, 2024 By Jeff Darrington In Graylog

Imagine, for a moment, that your IT environment is the Death Star. You know the rebels will try to rescue Princess Leia. If you’re Darth Vader, you need systems that detect Luke and Chewbacca when they gain unauthorized access and systems that prevent them from accessing the Death Star. As a security analyst, you have varied technologies that detect and prevent malicious actors from gaining unauthorized access to your networks.

Read Post

Graylog

Read more about Do You Need IDS and IPS?

Researching Illicit Streaming Devices with Graylog

Nov 25, 2024 By Graylog In Graylog

In February 2024, I discovered a whisper campaign targeting folks in critical infrastructure with a pirate streaming box. While Illicit streaming devices are not new, this one is particularly ""chatty"". When I discovered it was communicating to qqcom, I knew I needed to start ingesting logs and needed a SIEM. I was able to quickly deploy Graylog and collect and correlate logs to understand behavior of the device.

View Video

Graylog

Read more about Researching Illicit Streaming Devices with Graylog

Turn unstructured data into insights with Sumo Logic

Nov 22, 2024 By Sumo Logic In Sumo Logic

Achieve maximum visibility into your structured and unstructured data with Sumo Logic’s AI-powered Log Analytics Platform. With schema on-demand, there’s no need to organize your data before uploading. Gain real-time insights, visualize patterns, and centralize your data into a single source of truth to power every step of your DevSecOps journey.

View Video

Sumo Logic

Read more about Turn unstructured data into insights with Sumo Logic

Reduce alert fatigue with Sumo Logic's AI-driven alerting and automation

Nov 22, 2024 By Sumo Logic In Sumo Logic

Tired of endless alerts and manual processes slowing you down? Sumo Logic’s AI-driven alerting and automation reduces false negatives by 90%, streamlines resolution, and cuts down on burnout.

View Video

Sumo Logic

Read more about Reduce alert fatigue with Sumo Logic's AI-driven alerting and automation

CrowdStrike and Cribl Expand Partnership with CrowdStream for Next-Gen SIEM

Nov 21, 2024 By Chris Stewart In CrowdStrike

While SIEM solutions have existed for decades now, the market has faced recent upheaval with the advent of cloud-native solutions and a surge of mergers and acquisitions in the last year. As the SIEM market undergoes seismic shifts, CrowdStrike and Cribl have joined forces to help SOCs with their modernization journey. We’re pleased to share that CrowdStrike and Cribl are expanding our partnership to help organizations take the next step in their SIEM journey.

Read Post

CrowdStrike

Read more about CrowdStrike and Cribl Expand Partnership with CrowdStream for Next-Gen SIEM

The Hidden Costs of a SIEM: The Need for a New Approach

Nov 20, 2024 By Lauren Farrell In Centripetal

Maintaining robust cybersecurity defenses comes with significant costs, but one area that often exceeds is the ongoing administration of Security Information and Event Management (SIEM) systems. The expenses associated with logging, storing, and managing SIEM data can escalate rapidly, especially when compounded by compliance and regulatory requirements. What are these hidden costs and how can you mitigate them while also ensuring compliance?

Read Post

Centripetal

Read more about The Hidden Costs of a SIEM: The Need for a New Approach

Graylog Year of CTFs: A Look Back at Our Biggest Highlights

Nov 20, 2024 By The Graylog Team In Graylog

2024 was a thrilling year for Graylog Capture The Flag (CTF) events! Across major cybersecurity conferences, Graylog invited participants to test their skills in a range of challenging scenarios designed to simulate real-world cyber threats. From North America to Europe and beyond, we saw cybersecurity professionals and enthusiasts go head-to-head in Graylog CTFs, flexing their skills, deepening their knowledge, and having fun along the way.

Read Post