The latest News and Information on Security Incident and Event Management.

How Exabeam Uses Its Own Security Platform to Defend Against Threats

At Exabeam, we don’t just build a security operations platform — we use it to protect ourselves. In this behind-the-scenes look at the Exabeam Security Operations Center (SOC), you’ll see exactly how Exabeam uses Exabeam to secure our corporate systems, customer data, cloud environments, and internal infrastructure.

Secure Your AWS Cloud with Falcon Next-Gen SIEM: Seamless Integration & Intelligent Detection

See how Falcon Next-Gen SIEM delivers instant, frictionless integration with AWS for full visibility in minutes. Watch how pre-built detections analyze every API call, connecting events into clear attack stories. With automated response playbooks that take immediate action, you can detect faster, respond smarter, and stop cloud threats before they spread. CrowdStrike Falcon Next-Gen SIEM: Consolidate security operations with the world’s most complete AI-native SOC platform.

Ep 21: How to start a threat program

In this Masters of Data episode, we welcome back Chas Clawson to discuss building effective threat hunting programs from the ground up. We explore the difference between proactive threat hunting and detection engineering, emphasizing how AI tools are making sophisticated security operations accessible to teams of any size. We cover practical approaches, such as prioritizing threats based on business risk, creating feedback loops between red and blue teams, and measuring success through meaningful metrics rather than vanity numbers.

Transform AWS Security Operations with Falcon Next-Gen SIEM

CrowdStrike is redefining how SOC teams turn cloud data into actionable intelligence by unifying speed, scale, and cost efficiency in one platform built for the cloud and AI era. Together with AWS, today we are announcing new integrations and consumption options designed to further simplify how customers secure and operationalize workloads on Amazon Web Services (AWS).

Datadog Cloud SIEM: Driving innovation in security operations

Security can quickly become overwhelming for large organizations, with teams processing logs that are fragmented across cloud providers and SaaS platforms, staggering alert volumes, and the need to scale operations efficiently as environments grow. Datadog Cloud SIEM is designed to help teams manage this workload by centralizing insights, detecting threats faster, and prioritizing investigations with rich risk context.

Why a Cloud SIEM Just Makes Sense

The irony of being an adult working in IT and security is that where having your head “in the clouds” was inappropriate as a child, today most of your activities require you to have your head in the cloud. Organizations moved their business operations to the cloud because they could achieve various operational benefits, like improved collaboration and reduced costs. Yet, many companies still maintain an on-premises SIEM.

Fortifying Your Inbox: Advanced Email Security with Check Point & LevelBlue

As email-based cyberattacks surge, security teams are struggling to stay ahead of increasingly sophisticated phishing, Business Email Compromise (BEC), and AI-driven social engineering. With attackers exploiting platforms like Microsoft 365, Google Workspace, OneDrive, and SharePoint, organizations face growing pressure to strengthen protection, visibility, and compliance.

MCP ROI in a New Era of AI Orchestrated Threats

Security leaders spent most of the past year testing AI-driven security automation. Many discovered that the promise of fully autonomous SOC operations collided with the reality of hallucinations, opaque recommendations, and inconsistent outcomes. McKinsey research now shows that more than 80 percent of organizations have not realized meaningful results from gen AI programs.

Rehydrate archived logs in any SIEM or logging vendor with Observability Pipelines

Security and observability teams generate terabytes of log data every day—from firewalls, identity systems, and cloud infrastructure, in addition to application and access logs. To control SIEM costs and meet long-term retention requirements, many organizations archive a significant portion of this data in cost-optimized object storage such as Amazon S3, Google Cloud Storage, and Azure Blob Storage.