Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

sumologic

Forrester TEI study: Sumo Logic's Cloud SIEM delivers 166 percent ROI over 3 years and a payback of less than 3 months

Mar 9, 2021 By Girish Bhat In Sumo Logic
We are seeing a renewed focus on accelerating digital transformation projects across business ecosystems and workflows within our customer base. These projects are enabling key business outcomes and this organizational transformation has given security and IT leaders the catalyst and opportunity to modernize security operations while eliminating on-premises debt.
Read Post

Splunk SOAR Playbooks: Crowdstrike Malware Triage

Mar 9, 2021 By Splunk In Splunk
The combination of Crowdstrike and Splunk Phantom together allows for a more smooth operational flow from detecting endpoint security alerts to operationalizing threat intelligence and automatically taking the first few response steps – all in a matter of seconds. In this video, distinguished Phantom engineer Philip Royer will walk you through an out-of-the-box playbook that you can set up in Phantom to triage malware detections from Crowdstrike and automate a variety of responses based on an informed decision by an analyst.
View Video
elastic

Detecting threats in AWS Cloudtrail logs using machine learning

Mar 9, 2021 By Craig Chamberlain In Elastic

Cloud API logs are a significant blind spot for many organizations and often factor into large-scale, publicly announced data breaches. They pose several challenges to security teams: For all of these reasons, cloud API logs are resistant to conventional threat detection and hunting techniques.

Read Post
devo

Choosing a Centralized Log Management Solution: Top 5 Criteria

Mar 4, 2021 By Kevin Flanagan In Devo

In previous posts, we’ve written about two topics covered in the Devo eBook The Shift Is On, which presents the use case for centralized log management (CLM) in the cloud. First, we looked at the 5 best practices for security logging in the cloud. Next, we delved into the question of when your organization should adopt centralized logging. In our final installment, let’s examine the five key evaluation criteria for choosing the right CLM solution for your business.

Read Post
manageengine

Security operations center, Part 3: Finding your weakest link

Mar 3, 2021 By Log360 In ManageEngine

Any organization with data assets is a possible target for an attacker. Hackers use various forms of advanced cyberattack techniques to obtain valuable company data; in fact, a study by the University of Maryland showed that a cyberattack takes place every 39 seconds, or 2,244 times a day on average. This number has increased exponentially since the COVID-19 pandemic forced most employees to work remotely, and drastically increased the attack surface of organizations around the world.

Read Post
devo

When Your Organization Should Adopt Centralized Logging

Feb 25, 2021 By Kevin Flanagan In Devo

Most security pros know the value of log data. Organizations collect metrics, logs, and events from some parts of the environment. But there is a big difference between monitoring and a true centralized log management. How can you measure the effectiveness of your current logging solution? Here are four signs that it’s time to centralize log management in your organization: This post is based on content from the new Devo eBook The Shift Is On.

Read Post

Coralogix - On-Demand Webinar: Drive DevOps with Machine Learning

Feb 25, 2021 By Coralogix In Coralogix
DevOps has become the de facto method of developing and maintaining software, but it comes with its own challenges. Keeping track of change in a complex, fluid environment is a serious hurdle to overcome. In this webinar, we explained how machine learning can be employed within a DevOps team to improve operational performance, optimize mean time to recovery and create a better service for your customers.
View Video
devo

5 Best Practices for Security Logging in the Cloud

Feb 10, 2021 By Kevin Flanagan In Devo

Logs are critical for detecting and investigating security issues. They also provide essential visibility into business operating environments. Many organizations, when they are small and just starting out, can get away with using a local log server and storage to collect data. Almost all security teams start off with this kind of on-premises logging approach. Most teams use an open-source, homegrown solution for this type of short-term, small-scale log analytics.

Read Post
splunk

DoD's Cyber Posture: A Focus on Automation

Feb 10, 2021 By Tim Frank In Splunk

The importance of the security of the Department of Defense’s (DoD’s) networks is no secret (well, of course a lot of it is secret!). This is evidenced by the Department’s IT/cybersecurity budget request that annually tops $40 billion dollars. Last year’s IT and Cyberspace Activities Budget Overview perhaps said it best.

Read Post
chaossearch

How to Mitigate DDoS Attacks with Log Analytics

Feb 4, 2021 By Thomas Hazel In ChaosSearch
Is your organization prepared to mitigate Distributed Denial of Service (DDoS) attacks against mission-critical cloud-based applications? A DDoS attack is a cyber attack that uses bots to flood the targeted server or application with junk traffic, exhausting its resources and disrupting service for real human users. DDoS attacks are on the rise, with over 4.83 million attacks reported in the first half of 2020 - an increase of more than 250% compared to the same period in 2019.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.