Security Information Event Management (SIEM) systems are an outdated technology. It’s no longer enough to just manage information – today’s organizations need technology that can proactively detect and respond to dynamic threats as well.
SIEM’s …
Editor’s Note: This is a partnered, sponsored guest blog written by Avertium. Continuous monitoring is one of the most important facets of any Zero Trust architecture. The level of trust a system has in any user, application, or data flow may…
The post Lev…
Alert (or alarm) fatigue is the phenomenon of becoming desensitized (and thus ignoring or failing to respond appropriately) to signals meant to warn us about emergencies.
IT security operations professionals are especially prone to this fatigue …
Logpoint has announced findings from a recent poll to uncover the security and cost implications enterprises face with their existing IT infrastructure. The poll was targeted at cybersecurity and IT professionals in both the U.S. and UK. The problem wi…
Demystifying the technology with case studies of AI security in action
Many automation tools, such as SOAR, suffer from a Catch-22 irony: you know that automation will save you huge amounts of time, but it’s difficult to implement and requires sk…
They say the devil is in the details. This is especially true for security professionals who use Splunk as their organization’s primary security analytics engine. Splunk analytics gives security teams a real-time view of machine data from networks, data centers, or IT environments. Organizations also use Splunk to retain log records for data repositories, which […]
The post How Imperva Data Security Fabric Reduces Splunk Ingestion Costs and Accelerates Incident Management appeared first on Blog.
Nobody ever says, “We don’t need better security for the data we manage.” There is, however, a balancing act that security professionals perform every day to get the most security value from their solutions at the lowest possible cost. As they move more workloads into cloud-native environments and more databases are introduced to an organization’s […]
The post The Business Case for Modernizing On-Premises and Cloud-Based Database Security appeared first on Blog.
LogicHub’s unique decision automation technology can build clients the ultimate security playbook in a matter of minutes.
Our platform is not solely AI-driven. It marries the best of what humans and AI have to offer each other. Humans can provid…
Automating a threat-hunting playbook with the help of AI
Many threat-hunting playbooks we build for use cases can have between 50 to 100 steps – some even more than that. Even for an analyst well-versed in automation, this can easily take a one t…
It’s officially spring. That means it’s time for spring cleaning. A long-honored tradition, spring cleaning…
The post 3 Spring Cleaning Tips for Improving Cybersecurity Hygiene appeared first on Gurucul.
Cybersecurity involves a balancing act between risk aversion and risk tolerance. Going too far to either extreme may increase cost and complexity, or worse: cause the inevitable business and compliance consequences of a successful cyberattack. The deci…
The role of a security engineer never stops! Get a technical exploration into how machine learning is changing the game of SecOps at Anitian.
The post Anomaly Detection Through Machine Learning appeared first on Anitian.
SOAR Playbooks
Outside of football, the term “playbook” is well understood by a relatively small group of security automation ninjas. In many larger enterprises with extensive security teams, automating mundane and repetitive security tasks has b…
A Cloud Security Notifications Framework (CSNF) being advanced by the Automated Cloud Governance (ACG) Working Group, an arm of the Open Network User Group (ONUG), today announced it has adopted a data format developed by TriggerMesh to make it simple…
When updating your systems from a pure Security Information Event Management (SIEM), choosing the right Managed Detection and Response (MDR) service is key.
An MDR service needn’t mean you have to discard your current SIEM. They can coexist. MDR…
Data breaches set a record high volume in 2021. According to CNET, 1,862 publicly reported data breaches took place over the course of the year. This volume surpassed the 1,108 data breaches in 2020 and broke the record of 1,506 security in…
Most organizations are planning to increase their cybersecurity budgets for 2022. In a 2021 survey covered by Dark Reading, 81% of organizations revealed that they’re committed to growing their cybersecurity budgets over the coming year.…
Blumira today extended the cloud-based automated threat detection and response service it provides to include both a free tier and a set of premium Microsoft 365, cloud and advanced offerings. Jim Simpson, Blumira CEO, said the goal is to make threat …
Kumar Saurabh, LogicHub CEO and Co-founder, discusses his experience in the SIEM space and what he sees as the natural evolution from SIEM technology to AI and automation driven detection and response.
The Early Days of SIEM
I started in the secu…
The Zero Trust security model assumes that the threat is already in the network. Every…
The post Is Zero Trust as Good as It Gets? appeared first on Gurucul.
MixMode’s Head of Sales and Alliances, Geoff Coulehan, shares how MixMode was able to identify critical risk factors coming from inside bad actors that had gone undetected by a large U.S. city’s SIEM and UBA platforms despite their multi-year deploymen…
The security information and event management (SIEM) capabilities required to meet the demands of today’s data-intensive and threat-laden business environments are only now becoming a reality. As an industry, we have reached a point where the SIEM pla…
The Extended Detection and Response (XDR) market is expected to increase over the next few years. Grand View Research wrote that the global XDR market will grow at a CAGR of 19.9% between 2021 and 2028. This surge will bring the market’s va…
We must never forget to look beyond external threats to insider threats to secure our…
The post Look Beyond External Threats to Insider Threats appeared first on Gurucul.
Palo Alto Networks this week launched a cybersecurity platform that was developed from the ground up to take advantage of advances in artificial intelligence (AI). Palo Alto Networks CTO Nir Zuk said extended security intelligence and automation manag…
In this Expert Insight, Jack Naglieri, the CEO of Panther, writes about how today’s cloud-centric and data-driven environments make the SIEM technologies of the past inadequate and demand new approaches to security monitoring.
The post Why Security Pra…
In this interview with Help Net Security, Brian Dye, CEO at Corelight, talks about the trend of creating separate SIEMs for threat hunting and why this is not achievable for all organizations. We are seeing companies establishing separate SIEMs for th…
One of my top cybersecurity initiatives for 2022 is improving threat detection and response. Initial…
The post A Key Initiative in 2022 is Improving Threat Detection and Response appeared first on Gurucul.
Cybersecurity has become more complex than ever, allowing cybercriminals to access organizations through many different routes. To help incident response and threat hunting teams navigate this complex environment, Qualys has unveiled its Qualys Context…
Various threat actor groups continue to develop exploits that are targeting the Log4j vulnerability. However,…
The post The Hunt for Log4j appeared first on Gurucul.
Trying to decipher cybersecurity jargon can feel like trying to make sense out of a spoonful of alphabet soup. Is your SIEM equipped with sufficient NTA? What about your XDR? Or wait, was it NDR? What’s IRM, anyway? And whatever happened to UEBA?
I am stating the obvious where one of the top cybersecurity initiatives for 2022 is…
The post The Top Cybersecurity Initiative for 2022 is Cloud Security appeared first on Gurucul.
Some interesting stats published recently by ITProPortal revealed 55% of technology and security executives said that they intended to increase their cybersecurity budgets by the end of the year. Approximately the same proportion (51%…
20 years of SIEM?
On Jan 20, 2002, exactly 20 years ago, I joined a “SIM” vendor that shall remain nameless, but is easy to figure out. That windy winter day in northern New Jersey definitely set my security career on a new course.
With this post, I wa…
As networks continue to evolve and security threats get more complex, security analytics plays an increasingly critical role in securing the enterprise. By combining software, algorithms and analytic processes, security analytics helps IT and security …
We see a lot of marketing claims on how various security solutions can reduce “Dwell…
The post The Number 1 Enemy of XDR and SIEM: Dwell Time appeared first on Gurucul.
In my previous blog post, I talked about the value of centralized logging, a high-level, non-complex overview of how centralizing your logs can help you determine if your security controls and defensive tools are working as expected. Now, let’s …
The advent of Extended Detection and Response (XDR) offers an edge against advanced attacks, but many of the so-called “XDR approaches” available today are actually little more than extensions of current EDR solutions that rely on known Ind…
When you evaluate data security products it is imperative to have the end goal in sight. If you look forward 365 days from now, what is the best way to predict how your team will use the product so that you can communicate the value that it will provide? One approach is to examine operational […]
The post Build successful data security evaluation criteria with help from your peers appeared first on Blog.