
The latest news and information on security information and event management (SIEM).

7 SIEM Configurations To Improve Your Time to Value

Whether you’re an Apple fan or not, one of the reasons people buy into Apple’s ecosystem is the ease of setup across different devices. In a world where people expect the applications on their laptops to carry over to their mobile phones, an easy setup is key to getting the most value from their devices. In the world of security information and event management (SIEM) solutions, however, the time to value is often longer than most security teams want to admit.

Elastic named a Leader in The Forrester Wave: Security Analytics Platforms, Q2 2025

We’re excited to share that Elastic has been named a Leader in The Forrester Wave: Security Analytics Platforms, Q2 2025. At Elastic, we believe security starts with the data. Elastic Security enables teams to detect, investigate, and respond to threats at scale, without lock-in or limits — powered by the speed and flexibility of Elasticsearch — and is grounded in a commitment to openness, innovation, and customer control.

The privacy illusion: when deleting your data doesn't actually delete your data

Let’s talk about privacy—specifically, the kind you thought you had when you hit “delete.” OpenAI received a court order to retain every single ChatGPT conversation, even the ones you erased. Yep. Even the awkward ones. Even the ones that start with, “Hypothetically, if I were to…” Why? Because The New York Times is suing them over copyright, and now everyone’s deleted chats are potential evidence.

SOC Burnout Is Real: Improve Detection Without the Noise

“Too many alerts mean missing the real threats.” Alert fatigue is one of the top threats to a SOC’s performance. When everything looks like a threat, nothing does. The usual response is to disable rules, over-tune them, or simply ignore alerts just to stay afloat. The risk? High-value, low-noise threats slip through the cracks.

AI, out-of-the-box!

Elastic's GenAI capabilities are now available by default in Elastic Cloud

Elastic AI features in Elastic Security, Observability, and Search are now enabled by default in Elastic Cloud. Getting started with generative AI (GenAI) shouldn’t be a project in itself. Too often teams encounter organizational friction that slows adoption of AI-based features, from third-party contracts and external API keys, to additional terms of service and billing management.

You thought Elastic only did SIEM? Think again!

Elastic Extended Security, born from the acquisition of Endgame, brings years of battle-tested EDR and threat prevention expertise directly into Elastic’s Search AI Platform. This isn’t a bolt-on or third-party integration; it’s a native, deeply embedded component that redefines what’s possible with XDR. As data volumes grow exponentially, traditional EDR tools hit walls. Elastic doesn’t.

How AI Can Reduce Alert Fatigue in Your SOC

Alert fatigue is a common phenomenon in Security Operations Centers (SOCs). It’s the digital equivalent of crying wolf. As SOCs are flooded with a relentless stream of alerts—many of which are low priority or false positives—it becomes increasingly difficult to identify truly critical security threats. Analysts are stuck spending countless hours verifying, contextualizing, analyzing, and acting on information, often at the cost of missing out on critical alerts.

Reclaiming analyst time: Smarter investigations with AI in defence

How the MOD can reduce investigation fatigue and boost operational efficiency

Security analysts at the UK Ministry of Defence (MOD) — and everywhere — face an overwhelming challenge: they can receive thousands of alerts daily, and distinguishing genuine threats from false positives in a timely fashion has become nearly impossible without technological intervention.

Vulnerability Data in Next-Gen SIEM with Falcon Exposure Management

Vulnerability data is often siloed and captured in static dashboards, disconnected from real-time investigation. But with Falcon Exposure Management streaming into NG-SIEM, that changes. This demo shows how teams can correlate live vulnerability events with endpoint behavior, network activity, and even cloud telemetry. Using a Firefox example, we trace active and historical exposure, revealing how ExPRT.AI, asset metadata, and cloud-aware context come together in Next Gen SIEM.

4 Steps to Cyber Resilience | Expert Insights from LevelBlue | Dark Reading Interview

In this exclusive Dark Reading News Desk interview, Theresa Lanowitz from LevelBlue shares four practical and powerful steps organizations can take to boost their cyber resilience. From fostering a proactive cybersecurity culture to elevating cyber discussions to the boardroom, this conversation is packed with actionable insights. Learn how to secure your software supply chain, leverage AI for defense, and stay ahead of emerging threats.