The latest News and Information on Security Incident and Event Management.

The Importance of Email Security

Back in the early days of the internet, people looked forward to hearing that deep, robotic voice announcing “you’ve got mail!” Today, whether you like it or not, email is fundamental to personal and business communications. In 2022, people sent and received an estimated 333 billion emails daily, with the number expected to increase to 392.5 billion by 2026. Experiencing a security incident on your email server can interrupt business operations, leading to lost revenue.

Exabeam SIEM Overview

Explore cloud-native Exabeam SIEM, part of the Exabeam Security Operations Platform. Exabeam SIEM is a scalable cloud-native offering providing advanced capabilities for log management and SIEM, using the power of generative AI to provide event context and accelerate investigations. It delivers a limitless scale to ingest, parse, store, search, and report on petabytes of data—from everywhere. Exabeam SIEM includes over 200 prepackaged correlation rules with a rule builder, allowing even new analysts to easily create, deploy, and manage environment-specific rules.

Rule tuning - supercharge Cloud SIEM for better alerts

We’ve seen the movies where the character needs to get out of a jam or needs to get somewhere in a hurry, so they mash the big nitrous oxide button and, boom, they’re off! Fast and the Furious and Boss Level are the two movies that come to mind. So, how does this relate to a SIEM or SIEM rules? Sit down, buckle up, and let’s go for a ride.

Navigating the Cybersecurity Landscape: A Deep Dive into Effective SIEM Strategies

Comprehending and effectively addressing cybersecurity threats is paramount to organizational security. As artificial intelligence continues to evolve, how companies respond to cybersecurity threats and how they take proactive steps to mitigate them will factor heavily into profitability, reputation and long-term success.

Tracing Linux: A file integrity monitoring use case

Protecting mission-critical Linux machines is essential for any business. Sophisticated cyber attacks can start from a low-value target machine and pivot into high-value servers filled with sensitive information. However, many organizations face challenges when their infrastructure includes older Linux kernels that do not support modern tracing technologies.

Arizona Department of Homeland Security enhances cybersecurity with Elastic's AI-driven security analytics

The Arizona Department of Homeland Security (AZDOHS) operates in an environment that requires a robust cybersecurity strategy to protect against ever-evolving threats. With a mission to safeguard state and local infrastructures, the team at AZDOHS faced the daunting task of monitoring an expansive array of data points and potential vulnerabilities.

Splunk Ranked Number 1 in the 2024 Gartner Critical Capabilities for Security Information and Event Management

In addition to Splunk’s recognition as a 10-time Leader in the 2024 Gartner Magic Quadrant for Security Information and Event Management (SIEM), we are extremely proud to announce that Splunk was ranked as the #1 SIEM solution in all three Use Cases in the 2024 Gartner Critical Capabilities for Security Information and Event Management report.

Phishing Attacks: The Deceptive Trap

The threat of phishing attacks looms larger than ever. The LA County Department of Public Health recently announced that 50 employees fell victim to phishing attacks, compromising sensitive patient data. These deceptive schemes have become a staple in the cyberthreat landscape, targeting individuals and businesses of all sizes. For every employee, understanding the signs and consequences of a phishing attack is crucial to safeguarding their organization.

The exploit prediction scoring system: What it is and how to use it

Managing vulnerabilities can feel like the end of the first act of Les Misérables as you sing to yourself, “one day more, another day another vulnerability.” Like Jean Valjean, you attempt to put up barricades to protect your environment from attackers exploiting these security weaknesses. Keeping pace with the number of vulnerabilities and threat actor activities becomes overwhelming, leaving you to feel outnumbered and outmanned.

Accelerate investigations with Datadog Cloud SIEM Risk Insights for AWS, GCP, and Azure entities

Managing dynamic cloud environments is an ongoing challenge for organizations as they scale and innovate. Protecting assets, data, and reputations is more important than ever, yet detecting insider threats, compromised accounts, and unusual behavior in an environment remains complex. Traditional SIEM solutions often focus on reactive, event-driven insights, but to meet today’s evolving needs, many teams are embracing proactive approaches like user and entity behavior analytics (UEBA).