Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Managed security service providers should stay skeptical

It wasn’t too many years ago that only large-scale organizations and enterprises were compelled to worry about cybersecurity. They were the primary targets for malicious actors, and so they seemed to be the only ones thinking about defense. But just like most things, that has completely changed. Small and medium-sized businesses are just as vulnerable to cyberattacks. Without the size and resources to bring security in-house, most turn to managed security service providers (MSSPs) for help.

Being forced to migrate from IBM QRadar to PAN XSIAM? Know the pitfalls

Palo Alto Networks acquired IBM QRadar SaaS assets, leaving several organizations in limbo and uncertain about the future of their security information and event management (SIEM). Security teams grapple with a complex and potentially disruptive transition as Palo Alto Networks pushes and even mandates migration to its relatively new XSIAM platform.

Safeguarding your future: enhancing cybersecurity while defending your budget

As budget cycles increasingly force teams to tighten their belts, proving the value of vital technology is key. It’s not enough to showcase how the security operations center (SOC) is improving security posture and defending against threats, you also need to highlight how this boosts ROI. As highlighted in an IDC webinar and white paper, organizations using Sumo Logic have experienced an exceptional return on investment and a rapid payback period.

Critical triggers to reassess your SIEM: when and why to evaluate

You wouldn’t drive a car that hasn’t been serviced in a decade. So why are you still trusting a legacy SIEM solution? The world of cybersecurity is in a constant state of flux, and your security information and event management (SIEM) needs to keep up. If you’re not regularly reassessing it, you might as well roll out the red carpet for hackers. Let’s discuss when and why you should seriously consider giving your SIEM a much-needed check-up.

Cloudy with a chance of breach: advanced threat hunting strategies for a hyperconnected and SaaSy world

When workloads moved to the cloud, a huge burden was lifted from the enterprise in infrastructure and operational overhead. This transition also brought with it the “shared responsibility” model, where cloud providers took on much of the responsibility previously relegated to expensive engineering teams.

Rule tuning - supercharge Cloud SIEM for better alerts

We’ve seen the movies where the character needs to get out of a jam or needs to get somewhere in a hurry, so they mash the big button of Nitrous Oxide and boom they are off! Fast and the Furious and Boss Level are the two movies that come to mind. So, how does this relate to a SIEM or SIEM rules? Sit down, buckle up, and let’s go for a ride.

The SIEM vs. XDR debate: industry perspectives

How many times can we say, “It’s been a busy week for the security industry,” before it becomes cliche? We recently discussed changes in the SIEM market, with mergers and acquisitions disrupting the traditional SIEM vendor landscape and XDR vendors introducing new SIEM solutions. This week, we continue to see a range of mixed messages from the market around the future of XDR and SIEM.

Securing open source infrastructure - Log all the things

The last time we wrote about open source software (OSS) for security, we explored how community-driven innovation addresses security problems stemming from the rapid pace of business-driven technological advancements. We posed the question: Can open source security solutions adequately secure and protect the OSS that modern businesses depend on?

What's going on? The power of normalization in Cloud SIEM

Many of us in the information security sphere have sat in front of a console and furiously executed various queries while either mumbling internally or externally, with varying levels of stress and frustration: what is going on? When investigating a particular system, an odd event, or a declared incident, we are all attempting to answer this question in one way or another. Detections, documented threat hunts and security operations procedures do not manifest out of thin air.