SIEM

The latest News and Information on Security Incident and Event Management.

How using Cloud SIEM dashboards and metrics for daily standups improves SOC efficiency

Apr 20, 2023 By Sumo Logic In Sumo Logic

When we talk about emerging technologies and digitization, we often forget that while innovators work to bring the best solutions to market, cybersecurity gurus are concurrently working to identify loopholes and vulnerabilities in these new systems. Gone are the days when cyber attacks were monthly news; instead, they happen almost daily.

Read Post

Sumo Logic

Read more about How using Cloud SIEM dashboards and metrics for daily standups improves SOC efficiency

Beyond the build: Why runtime security is critical for container protection

Apr 19, 2023 By Daniel Rohan In Elastic

Containers and microservices have changed the game: They allow organizations to ship apps faster and make better use of hardware. They encourage modular software design. And containers help teams embrace the cloud-native paradigms of scalability, mobility, and resilience. It’s safe to say that containers have shaken things up.

Read Post

Elastic

Read more about Beyond the build: Why runtime security is critical for container protection

Threat Hunting vs Incident Response for Cyber Resilience

Apr 18, 2023 By The Graylog Team In Graylog

Protecting data and protecting business continuity are both similar and different. In a data driven world, your mission as a security analyst is to prevent threat actors from gaining unauthorized access to sensitive data and systems. Simultaneously, you also need to investigate incidents rapidly, ensuring that critical services experience as little downtime as possible.

Read Post

Graylog

Read more about Threat Hunting vs Incident Response for Cyber Resilience

Automate common security tasks and stay ahead of threats with Datadog Workflows and Cloud SIEM

Apr 18, 2023 By Nicholas Thomson In Datadog

Detecting and remediating security threats is a constantly evolving concern for modern DevSecOps and security operations center (SOC) teams. Moreover, manually investigating and responding to vulnerabilities and threats is time-consuming, laborious, and knowledge-intensive.

Read Post

Datadog

Read more about Automate common security tasks and stay ahead of threats with Datadog Workflows and Cloud SIEM

Brown Bag Apr 18, 2023 - Security - Entity Groups

Apr 18, 2023 By Sumo Logic In Sumo Logic

How to Get Results faster in Sumo Cloud SIEM using Entity Groups presented by Laszlo Salamon.

View Video

Sumo Logic

Read more about Brown Bag Apr 18, 2023 - Security - Entity Groups

US National Cybersecurity Strategy Deep Dive: Defend Critical Infrastructure

Apr 12, 2023 By John Allison In Devo

This is the first post in a series on the pillars outlined in the new US National Cybersecurity Strategy. I review each pillar in turn, and then discuss how services such as Devo can help address the challenges outlined in that pillar.

Read Post

Devo

Read more about US National Cybersecurity Strategy Deep Dive: Defend Critical Infrastructure

geeks+gurus: Get real about cyber resilience

Apr 11, 2023 By Sumo Logic In Sumo Logic

Join our geeks+gurus of Sumo Logic for an interactive conversation on the current state of cybersecurity, Demonstrating value is vital. In this 25-minute conversation, Bob Layton and Chas Clawson will Get Real about Cyber Resilience. With uncertainty around a potential recession and IT budgets flattening, security teams are learning how to do more with less. Cyber attacks are becoming more complex and destructive, however, more pressure is being put on security leaders to be more efficient with their spending and to make the case for these critical investments.

View Video

Sumo Logic

Read more about geeks+gurus: Get real about cyber resilience

Threat Detection and Response: 5 Log Management Best Practices

Apr 10, 2023 By The Graylog Team In Graylog

In a world where attackers can move fast, security teams need to move faster. According to SANS research from 2022, adversaries can perform intrusion actions within a five-hour window. While analysts need the Millennium Falcon of security technologies that enable threat detection and response in under twelve parsecs, increasingly complex IT environments make the 1-10-60 Framework feel unachievable.

Read Post

Graylog

Read more about Threat Detection and Response: 5 Log Management Best Practices

Demystifying Elastic Security for Cloud and its capabilities

Apr 5, 2023 By Sneha Sachidananda In Elastic

It's no surprise that organizations are moving to the cloud to innovate — to meet the growing demands of their customers and digital transformation. Organizations want to build applications that are fast and scalable. They want to make use of the latest cloud-native capabilities like containers, orchestrators, microservices, APIs, and declarative infrastructure. However, this also means security in the cloud cannot be an afterthought.

Read Post

Elastic

Read more about Demystifying Elastic Security for Cloud and its capabilities

What is XDR? Is the security impact real or hyped?

Apr 4, 2023 By Dave Frampton In Sumo Logic

With so many overlapping and self-serving definitions of XDR (Extended Detection and Response), embracing the innovations in technology first require that we parse the alphabet soup. We agree with several industry analysts covering the space that XDR is a vendor push with no real customer demand, but the problem spaces within XDR are of significant customer interest. Consensus has emerged on a few XDR elements such as: cloud-native/SaaS, improved detection, and improved response.

Read Post