%term

The latest News and Information on Security Incident and Event Management.

Where Online Analytical Processing (OLAP) Overlaps With Security Operations

Sep 2, 2025 By Jeff Darrington In Graylog

Imagine security data and analytics like a carnival’s hall of mirrors. From convex mirrors that show you a shorter, squatter version of something to the concave mirrors that show a highly magnified image, you see the same object in multiple ways. Every view gives you a different insight and provides a unique vantage point. Online Analytical Processing (OLAP) systems are different mirrors that allow security teams to create focused analytics models for different insights about your security posture.

Read Post

Graylog

Read more about Where Online Analytical Processing (OLAP) Overlaps With Security Operations

Breach Ready. Board Ready. Built for Efficiency.

Sep 2, 2025 By Beth Dannemiller In Securonix

In today’s modern SOC, more data doesn’t always mean better outcomes. Security teams are overwhelmed by irrelevant telemetry, storage bills are out of control, and compliance regulations demand long-term retention—even for data with little threat value. Legacy SIEMs treat all logs the same, flooding analysts with noise and slowing down response times. The result? Bloated infrastructure, delayed investigations, and boardroom frustration over unproven ROI.

Read Post

Securonix

Read more about Breach Ready. Board Ready. Built for Efficiency.

Ep 7: SOAR Loser: Does the O in SOAR stand for obsolete?

Aug 26, 2025 By Sumo Logic, Inc. In Sumo Logic

SOAR might sound like a superhero for security teams, but is it actually flying too close to the sun? In this episode, Adam and David unpack why security orchestration, automation, and response have been helpful… but might be headed for retirement, thanks to AI shaking up the game. They also dig into the headaches of managing clunky SOAR systems and why it’s time to rethink workflows and case management before you get left in the dust.

View Video

Sumo Logic

Read more about Ep 7: SOAR Loser: Does the O in SOAR stand for obsolete?

The New CISO Podcast Ep.133 - Steve Lodin | Teachable Moments: How to Learn from Career Challenges

Aug 25, 2025 By Exabeam In Exabeam

In this episode of The New CISO, host Steve Moore speaks with Steve Lodin, VP of Information Security at Sallie Mae, about the career challenges that shaped his leadership style and the lessons he’s learned across decades in cybersecurity.

View Video

Exabeam

Read more about The New CISO Podcast Ep.133 - Steve Lodin | Teachable Moments: How to Learn from Career Challenges

Exabeam Research: AI Supercharges Insider Threats, Now Outpacing External Attacks

Aug 21, 2025 By Exabeam In Exabeam

74% report AI is making insider threats more effective, and 53% expect insider threats to increase.

Read Post

Exabeam

Read more about Exabeam Research: AI Supercharges Insider Threats, Now Outpacing External Attacks

Building effective threat hunting and detection rules in Elastic Security

Aug 21, 2025 By Kseniia Ignatovych, In Elastic

Learn to create custom detection rules in Elastic Security following real detection use cases. This blog will guide you through creating custom detection rules in Elastic Security, equipping you with best practices for using Elasticsearch Query Language (ES|QL) and Elastic AI Assistant to refine threat detection logic and add crucial context for analysts. You’ll learn how to effectively preview, test, and enhance your rules, ultimately strengthening your security operations.

Read Post

Elastic

Read more about Building effective threat hunting and detection rules in Elastic Security

Ep 6: Security haven or horror story: from SIEMs to lakes to lakehouses

Aug 19, 2025 By Sumo Logic, Inc. In Sumo Logic

Between SIEMs, data lakes, and data lakehouses, the buzzwords alone could fill a glossary. In this episode, Adam and David break down the real differences between data lakes and SIEM systems and why effectively managing all that data is crucial for staying visible and secure. They also dive into how AI is shaking up the game and why picking the right tools can mean the difference between being overwhelmed and being in control.

View Video

Sumo Logic

Read more about Ep 6: Security haven or horror story: from SIEMs to lakes to lakehouses

Advanced Persistent Threat: What They Are and Why They Matter

Aug 18, 2025 By Jeff Darrington In Graylog

Nearly everyone has had “that cold,” the one where most symptoms have resolved except that lingering cough. The cough can continue for weeks or months, all while you feel mostly well across the board. In cybersecurity, an advanced persistent threat (APT) is your IT environment’s lingering cough, albeit a much more damaging one. An APT stealthily gains initial access to your company’s systems and networks, then hides within them to complete objectives.

Read Post

Graylog

Read more about Advanced Persistent Threat: What They Are and Why They Matter

The SIEM That Says Yes

Aug 15, 2025 By Graylog In Graylog

Most SIEMs make you compromise—higher costs, rigid deployments, slow investigations. Graylog Security says yes to what matters: speed, flexibility, cost control, and complete visibility. With Graylog, you can.

View Video

Graylog

Read more about The SIEM That Says Yes

Elastic joins AWS Zero Trust Accelerator for Government (ZTAG) program

Aug 14, 2025 By Marianna Jonsdottir, In Elastic

Strategic collaboration to advance security information and event management (SIEM) integration specifically tailored for the US federal government's Zero Trust architecture Elastic is proud to be officially recognized as an AWS Zero Trust for Government partner and for onboarding into the AWS Zero Trust Accelerator for Government (ZTAG) program in the US.

Read Post