
SIEM

The latest News and Information on Security Incident and Event Management.

How to navigate the rapid changes and consolidation in the SIEM and security analytics market

The security solutions landscape is evolving at a breakneck pace, with significant acquisitions reshaping the market. Notably, Palo Alto Networks has acquired IBM's QRadar product line, and Exabeam and LogRhythm have announced their merger. These moves echo Cisco's previous acquisition of Splunk, highlighting a trend where major players like AWS, Microsoft, Cisco, Palo Alto Networks, and CrowdStrike are consolidating their positions in the SIEM and security analytics space.

Rolling your own Detections as Code with Elastic Security

From its beginning, the Elastic detection-rules repo not only contained Elastic’s prebuilt detection rules, but also additional tooling for detection rule management — like a suite of tests, CLI commands, and automation scripts used by the Elastic Threat Research and Detection Engineering (TRaDE) team.

Splunk Named a Leader in the Gartner Magic Quadrant for SIEM

Splunk has been named a Leader in the 2024 Gartner Magic Quadrant for Security Information and Event Management (SIEM), which is the tenth consecutive time for Splunk in the Leaders Quadrant. We are incredibly honored to receive this recognition and are grateful to our customers and partner community for making this recognition possible.

A Challenger in the 2024 Gartner Magic Quadrant for Security Information and Event Management

In the high-stakes world of cybersecurity, complacency can spell disaster. At Sumo Logic, we don’t just adapt to the evolving threat landscape; we redefine it. Sumo Logic was recognized as a Challenger in the 2024 Gartner Magic Quadrant for Security Information and Event Management. This recent positioning reflects our Ability to Execute and Completeness of Vision. We believe this isn't just a recognition. Challenge accepted! In 2021 and 2022, Sumo Logic was recognized as a Visionary.

o9 Solutions: Optimizing Security Operations with Elastic

o9 Solutions leverages Elastic for both Observability and Security Operations Center (SOC) purposes. Initially employed for performance monitoring, Elastic's integration with o9's security stack has provided comprehensive visibility into potential threats and anomalies within their environment. This integration extends across various platforms such as Google, AWS, Active Directory, WEF, and HDR, enabling correlation and consolidated dashboard views for decision-making.

Deciphering the SIEM Puzzle: How to Choose the Ideal Solution

Large-scale cyber breaches continue to dominate headlines, amplifying the damaging ramifications of failing to secure your organization. Even with a substantial investment in your SOC, outcomes continue to fall short of promises. Breaches lead to massive data leaks, steep financial losses, and tarnished reputations, underscoring the urgent need for effective SIEM technology.

What is the MITRE ATT&CK framework?

As a kid, treasure hunts were fun. Someone gave you clues and a map so you could hunt down whatever hidden item they left for you. However, as a security analyst, your incident investigations often have clues but lack a map. An alert fires. You search through your vast collection of log data. You hope to find the next clue while trying to figure out the attacker’s next steps.

AI-driven Security Analytics: Attack Discovery Demo

Powered by the Elastic Search AI platform, Attack Discovery triages hundreds of alerts down to a few attacks that matter. Elastic’s AI-driven security analytics is built on the Search AI platform, which includes RAG powered by the industry's foremost search technology. The traditional SIEM will be replaced by an AI-driven security analytics solution for the modern SOC.

Falcon NG-SIEM Streamline The SOC: Demo Drill Down

When adversaries infiltrate your organization, you can leverage AI to speed up investigation time and leverage automation to respond to attacks. Watch to learn how NG-SIEM allows you to streamline your SOC. CrowdStrike Falcon Next-Gen SIEM: Consolidate security operations with the world’s most complete AI-native SOC platform.

Falcon NG-SIEM AI Assisted Investigation: Demo Drill Down

With today's adversaries moving faster than ever, you need an AI-native platform to stay one step ahead. Watch to learn how the Falcon NG-SIEM platform simplifies investigations and uncovers adversaries with ease. CrowdStrike Falcon Next-Gen SIEM: Consolidate security operations with the world’s most complete AI-native SOC platform.