Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

bluevoyant

How BlueVoyant's ASIM-First Strategy Simplifies Threat Detection in Microsoft Sentinel

Jun 1, 2026 By Alexander Sinno In BlueVoyant
Earlier this year, BlueVoyant adopted a new detection strategy built on the Advanced Security Information Model (ASIM). For those unfamiliar, ASIM is Microsoft's normalisation layer that standardises log data across products into consistent schemas. Our approach is simple: The result? Dramatically faster use case development and cleaner, more maintainable detection logic.
Read Post
armo

Why Your Detection Latency Budget Determines Blast Radius

Jun 1, 2026 By Shauli Rozen In ARMO
Most teams buy detection on a single number. The datasheet says “millisecond detection,” the proof-of-concept fires the instant a test payload lands, and the box gets checked. Then a real AI agent incident runs in production, and the postmortem shows the attack completed its objective well before anyone contained it, even though the alert, technically, fired in milliseconds. The number was real. It just measured the wrong thing.
Read Post
armo

Tool Call Analysis for AI Attack Detection: Reading What Rides Inside the Call

May 30, 2026 By Yossi Ben Naim In ARMO
A compromised agent doesn’t make a single call it isn’t allowed to make. It queries a table it’s authorized to read, calls a tool it’s authorized to use, sends to a domain that’s on the allowlist. Every call is legal. The attack is in the values it passes, and your tool-call log records all of it as a clean day’s work. A tool call has two layers. Almost every tool you run reads the first one: the call itself: which tool, in what order, at what rate.
Read Post
Securonix (ThreatQ) positioned as a Leader in the SPARK Matrix: Digital Threat intelligence Management, 2026 by QKS Group

Securonix (ThreatQ) positioned as a Leader in the SPARK Matrix: Digital Threat intelligence Management, 2026 by QKS Group

May 28, 2026 By Securonix In Securonix
The QKS Group SPARK Matrix™ provides competitive analysis & ranking of the leading DTIM vendors. Securonix (ThreatQ), with its comprehensive platform, has received strong ratings across technology excellence and customer impact.
Read Post

ITSP: Corelight launches Agentic AI that makes SOC triage 10x faster

May 28, 2026 By Corelight In Corelight
Modern SOCs face a difficult reality: attackers are moving faster while analysts are being asked to investigate more alerts than ever. Learn how agentic triage helps security teams move from alert overload to evidence-backed investigations. Rather than relying on opaque AI outputs, the approach uses expert-written playbooks and exposes the underlying queries and evidence so analysts can verify conclusions against raw network data.
View Video
CrowdStrike

CrowdStrike Named a Leader in Identity Threat Detection and Response

May 26, 2026 By Ryan Terry In CrowdStrike
Two recent industry reports validate CrowdStrike’s leadership in the identity threat detection and response (ITDR) market: Identity is the front line of modern cyberattacks. Today’s adversaries log in and use legitimate identities to move laterally, escalate privileges, and operate inside legitimate sessions as trusted users.
Read Post
tanium

Understanding continuous threat exposure management (CTEM)

May 22, 2026 By Tanium In Tanium
Continuous threat exposure management, or CTEM, is a five-stage program framework for continuously reducing real-world security exposure. It builds on vulnerability scanning by adding risk-informed prioritization, validation of exposure conditions and control effectiveness, and cross-team mobilization to drive remediation.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.