Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest News and Information on Security Incident and Event Management.

SIEM's Next Chapter: Evolving, Not Dying

The obituary for SIEM has been written more than once. The latest headline from Dark Reading calls it “dying a slow death.” Catchy. But wrong. If you work in a SOC, you already know the need for centralized, contextualized visibility is not going anywhere. What is changing the future of SIEM is how SIEM delivers it. If you are still thinking of SIEM as a clunky, high-cost log hoarder, you are stuck in the wrong decade.

Exabeam Appoints Pete Harteveld as CEO

BROOMFIELD, Colo. & FOSTER CITY, Calif. - October 8, 2025 - Exabeam, a global leader in intelligence and automation that powers security operations, today announced Pete Harteveld as Chief Executive Officer. The leadership transition follows the decision by Chris O'Malley to step into retirement after three years of dedicated service to the company and over 30 years of executive leadership.

AI can do what now?! Agentic AI is the autonomous future coming to security operations

Agentic AI in cybersecurity promises to transform workflows as we know them, enabling a new level of personalization, automation, efficiency, and innovation. It’s already being deployed by security teams for use cases like autonomous threat detection and response, advanced threat hunting, automated incident investigation, real-time fraud protection, and more. So, how is agentic AI working overtime to help security analysts build a more resilient security posture?

The New CISO Podcast Ep.134 - Evan Ferree | From Breach to BISO: Becoming a Security Influencer

Most security professionals know what a CISO does. But what about a BISO? And why are Fortune 500 companies increasingly creating this executive role? In this episode of The New CISO Podcast, host Steve Moore sits down with Evan Ferree, Staff Vice President and Business Information Security Officer at a Fortune 50 company, to decode one of cybersecurity's most misunderstood leadership positions.

How Exabeam Detects LLM Abuse for Google Cloud Model Armor

In this demo, see how the Exabeam New-Scale Security Operations Platform integrates with Google Cloud Model Armor to detect and stop abuse of large language models (LLMs). You’ll learn how Exabeam monitors AI activity for suspicious or malicious behavior, uses advanced analytics to spot LLM misuse in real time, and helps security teams enforce responsible AI use policies. Watch how Exabeam and Google Cloud work together to provide stronger visibility, detection, and protection against emerging threats targeting LLMs.

How Graylog Helps You Spot LockBit-Style Attacks Sooner

The DFIR Report recently detailed a LockBit ransomware intrusion that succeeded without advanced exploits or zero-day vulnerabilities. The attack relied on a stolen AnyDesk installer, credential reuse, and renamed PowerShell scripts that blended into routine activity. These moves were not sophisticated, but they were fast and effective. The end result: complete domain encryption.

From endpoint to XDR: Operationalize Jamf Protect data in Elastic Security

Enhance your threat detection, investigation, and response capabilities by integrating Jamf Protect macOS data within Elastic Security. Security teams often struggle to detect and respond to macOS threats with endpoint data alone. The integration with Jamf Protect changes that. Jamf Protect delivers rich macOS telemetry and built-in protections like Threat Prevention and Network Protection, powered by Jamf Threat Labs.

Case Management with Falcon Next-Gen SIEM

Speed and structure are essential for modern incident response. Falcon Next-Gen SIEM introduces built-in Case Management, giving security teams a unified workspace to organize detections, artifacts, and related activity. Analysts can standardize investigations with templates, enforce SLAs, and escalate cases automatically to the right teams.