
The latest News and Information on Security Incident and Event Management.

Ep 1: So you're buying your first SIEM...here's how not to suck at it

You’ve been told you need a SIEM. Maybe it was your CISO. Maybe it was your auditor. Maybe your SOC is tired of stitching together logs with duct tape and Python scripts. Doesn’t matter — you’re now on the SIEM buying journey. Congratulations… and condolences. Join security experts Adam White and David Girvin as they walk through the ultimate playbook for buying your first SIEM without lighting your budget (and your team’s morale) on fire.

Ep 3: CISOs hate their security tools

Sumo Logic’s 2025 Security Operations Insights report surveyed 500 IT and security leaders from enterprise organizations to uncover what’s really happening inside today’s SOCs. Join security experts Adam White, David Girvin, and Zoe Hawkins as they break down the top findings from the report and shed light on what every analyst and CISO has felt for years: the system needs a reset.

Ep 2: Hacked together: fast, safe prototyping with AI

Join security experts Adam White, Chas Clawson, and Seth Williams as they explore how AI-first development is reshaping the way cybersecurity teams build, test, and deploy solutions. Traditional development cycles often leave critical ideas trapped in backlogs, but with Gen-AI and language models, security teams can now move from concept to prototype in hours, not months.

SharePoint "ToolShell" zero day

Hats off to the great work the community and industry have done regarding the “ToolShell” attack against Microsoft’s on-premises SharePoint servers. The goal of this article is to build on that great work and help Sumo Logic customers with on-prem SharePoint servers investigate and identify evidence within their environments.

AI and the 2025 SIEM landscape: A guide for SOC leaders

Security teams often find themselves having to put out the immediate fires in front of them, but this comes at the expense of implementing a more methodical risk reduction strategy. Attack surfaces are expanding, and new risks emerge with new tech. Modern security operations center (SOC) teams are drowning in alerts, stretched thin by talent shortages, and racing to stay ahead of increasingly sophisticated adversaries.

Bits AI Security Analyst: Automate Cloud SIEM investigations

Datadog's Bits AI Security Analyst transforms the way security teams handle investigations by autonomously triaging Datadog Cloud SIEM signals. Built natively in Datadog, it conducts in-depth investigations of potential threats and delivers clear, actionable recommendations. With context-rich guidance for mitigation, security teams can stay ahead of evolving threats with greater efficiency and precision.

AI is cybersecurity's biggest threat

It’s also its greatest defense. The biggest threat in our rapidly evolving cybersecurity landscape is artificial intelligence (AI). It’s also our greatest defense. Cybersecurity is a high-stakes game where everything is on the line and decisions have to be made fast. For years, cybersecurity strategy has been about increasing visibility to make informed decisions from vast amounts of data.

Model Context Protocol (MCP) vs Model Control Plane (MoCoP): Why your AI security is screwed if you only have one

If you’re building AI systems with agents, plugins, and orchestration layers and you’re only thinking about how to route traffic, you’re halfway to being pwned. Everyone’s rushing to build a Model Context Protocol (MCP) — and that’s great. But almost no one’s talking about MoCoP — the Model Control Plane, which is just as important and arguably where the riskiest stuff happens. (Also, side note, who the hell keeps making these damn acronyms so confusing?

5 Ways CISOs Can Use Selective Retrieval to Optimize Data Lakes

Data lakes have evolved. Once treated as passive storage archives, they’re now becoming active components of enterprise risk management. The driver? Selective retrieval — the ability to park large data volumes in cold storage and later retrieve targeted slices for forensic or compliance needs. This shift matters. According to 2025 data from Cybersecurity Insights Group, 73% of enterprises report that SIEM ingestion costs are limiting their real-time analysis capacity.