CrowdStrike Falcon Next-Gen SIEM enhances security operations by integrating data, AI, workflow automation and threat intelligence into a single platform with a unified console and a lightweight endpoint agent. We continue to innovate in next-gen SIEM to power SOC operations, most recently with a series of product updates announced at Fal.Con 2024. But we’re not stopping there.

It’s no coincidence that Graylog 6.1 is making its debut right before Halloween. This release is a true behemoth, designed to tackle some of the longest-standing and most challenging issues in Security Event and Information Management (SIEM). Packed with innovations, Graylog 6.1 is here to change the game.

It wasn’t too many years ago that only large-scale organizations and enterprises were compelled to worry about cybersecurity. They were the primary targets for malicious actors, and so they seemed to be the only ones thinking about defense. But just like most things, that has completely changed. Small and medium-sized businesses are just as vulnerable to cyberattacks. Without the size and resources to bring security in-house, most turn to managed security service providers (MSSPs) for help.

In today’s increasingly complex and evolving threat landscape, Security Operations Centers (SOCs) have become the nerve center for protecting critical national and local government assets. Building and maintaining an in-house SOC is often beyond the reach of many government agencies due to budget constraints, the need for skilled personnel, and the rapid growth of cyber threats.

Mitigating risk based on the threat landscape is a complicated yet essential part of being a CISO, which is why threat reports like the 2024 Elastic Global Threat Report are a huge help for me. In addition to providing an in-depth understanding of what’s happening, threat reports also offer a quick overview of what needs to be explained or communicated to the rest of the organization.

One of the most powerful weapons at an attacker’s disposal is the use of specialized tools designed to compromise network security. Mimikatz, BloodHound, and winPEAS are just a few examples of tools that can wreak havoc in your environment if left undetected. In this article, we’ll explore how malicious actors can exploit specialized tools to launch sophisticated attacks.

There are lots of hurdles to jump when trying to set up and maintain a SIEM. Preparing infrastructure and installing the software components, getting logs ingested into the system, parsing and normalizing those log messages properly, configuring alerts for detection, etc. These are all large tasks that require thoughtful planning and a lot of work to get right. But let’s say you’ve managed to clear all those hurdles…in that case, great job!!

CrowdStrike is excited to announce we are named a Major Player in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment.1 This marks our first appearance in a SIEM-focused analyst report since bringing CrowdStrike Falcon Next-Gen SIEM to market less than a year ago. We believe this milestone speaks volumes about our commitment to revolutionizing security operations.