%term

The latest News and Information on Security Incident and Event Management.

How to Manage DDoS Contacts in the LevelBlue Portal | Add, Edit & Notify Admins

May 15, 2025 By LevelBlue In LevelBlue

Learn how to add and manage contacts in the LevelBlue DDoS Defense Portal, including how to ensure the right users receive DDoS mitigation alerts and notifications. This step-by-step guide walks company administrators through: Accessing the DDoS Defense Portal Adding contacts with Business Direct IDs Enabling email alerts for DDoS mitigation events Managing contact updates to keep your incident response team informed.

View Video

LevelBlue

Read more about How to Manage DDoS Contacts in the LevelBlue Portal | Add, Edit & Notify Admins

Cloud SIEM and Flex Logs: Enhanced security insights for the cloud

May 14, 2025 By Melanie Yu In Datadog

One of the primary challenges with developing in the cloud is knowing which areas of your environment are vulnerable to risks. In order to efficiently identify and respond to legitimate risks, you need real-time visibility into security events. But traditional security platforms are costly and often standalone, which means they may create gaps in visibility.

Read Post

Datadog

Read more about Cloud SIEM and Flex Logs: Enhanced security insights for the cloud

Sumo Logic Cloud SIEM: Simplify threat detection with an AI-powered rules engine

May 12, 2025 By Sumo Logic, Inc. In Sumo Logic

Sumo Logic Cloud SIEM is designed to transform how organizations detect and respond to threats. Using our rules engine with over 1,000 out-of-the-box rules, discover how you can simplify threat detection with AI-powered automation, transparent rule customization, and built-in threat intelligence.

View Video

Sumo Logic

Read more about Sumo Logic Cloud SIEM: Simplify threat detection with an AI-powered rules engine

CrowdStrike Falcon Next-Gen SIEM: AI-Generated parsing

May 8, 2025 By CrowdStrike In CrowdStrike

Tired of writing custom parsers just to make your logs usable? With CrowdStrike Falcon Next-Gen SIEM, you can automate log parsing using AI — cutting setup time from days to minutes. In this demo, see how easily you can onboard network logs, generate a parser with AI, and normalize data to the CrowdStrike Parsing Standard — all within a few clicks. CrowdStrike Falcon Next-Gen SIEM: Consolidate security operations with the world’s most complete AI-native SOC platform.

View Video

CrowdStrike

Read more about CrowdStrike Falcon Next-Gen SIEM: AI-Generated parsing

From Reactive to Ready: Automated Detections and Defense with Devo + Detecteam

May 7, 2025 By Devo In Devo

Security analysts know the feeling: The all-too-familiar dread creeps in as a new exploit hits the headlines. Cyber teams worldwide brace themselves, knowing that their weekends, vacations, and carefully laid plans are likely about to go up in smoke. The first question a CISO will always ask rings in their ears: “Are we protected against this?”

Read Post

Devo

Read more about From Reactive to Ready: Automated Detections and Defense with Devo + Detecteam

What's Next for Your SIEM?

May 7, 2025 By Brian Rowe In BlueVoyant

You’ve just finished your Microsoft Sentinel deployment and have your shiny new SIEM up and running. Is your job done? Can a SIEM ever really be finished? The answer is “no” because your organization’s needs change, new technologies emerge, and cyber attack vectors constantly evolve.

Read Post

BlueVoyant

Read more about What's Next for Your SIEM?

Tips for choosing an AI-driven SIEM

May 2, 2025 By Joe DeFever In Elastic

Artificial intelligence is rewriting the rules for cybersecurity on both sides of the battle. Cloud adoption, a broadening attack surface, and AI-fueled cyber threats are driving organizations to rethink their approach to security. Discussions on the best way to adapt to a highly dynamic threat environment will naturally steer toward updating SIEM, as it is core to today’s security operations.

Read Post

Elastic

Read more about Tips for choosing an AI-driven SIEM

From Alert Fatigue to Focused Response: A New Way Forward for The SOC

May 1, 2025 By The Graylog Product Team In Graylog

We’re all exhausted—both by the problem and by hearing about it. False positives and overwhelming alert volume have long plagued security operations. And despite years of innovation, solutions have remained elusive. Alert volume. Alert fatigue. SOC burnout. This persistent problem puts security teams in a tough position: For CISOs and SOC managers, it’s a lose-lose scenario.

Read Post

Graylog

Read more about From Alert Fatigue to Focused Response: A New Way Forward for The SOC

Threat hunting in Elastic with JOINs!

Apr 29, 2025 By Paul Ewing, In Elastic

Elastic’s piped query language, ES|QL, brings joins to the party Threat hunters rejoice! Have you been looking for a way to join data with the speed and power of Elastic? Well, we heard you! Elastic can now join data sources with a new function for the piped query language, ES|QL (Elasticsearch Query Language). This will enable robust searches that range from advanced behavior detections to alert triage and of course, threat hunting.

Read Post