Tag: siem
-
5 Big CrowdStrike Launches For Next-Gen SIEM, AI Security
CrowdStrike is doubling down on support for Microsoft security tools with a major update to its Falcon Next-Gen SIEM platform, along with launching enhanced new AI security capabilities, the cybersecurity giant announced Monday. First seen on crn.com Jump to article: www.crn.com/news/security/2026/5-big-crowdstrike-launches-for-next-gen-siem-ai-security
-
Your SIEM Isn’t Broken. Your Investigation Layer Is Missing.
Tags: siem
Analysts take 56 min per alert. 40% of alerts go uninvestigated. The problem isn’t SIEM, it’s the investigation layer that was never built. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/your-siem-isnt-broken-your-investigation-layer-is-missing/
-
Anton’s Security Blog Quarterly Q1 2026
Tags: ai, automation, breach, ciso, cloud, control, defense, detection, framework, google, governance, infrastructure, mandiant, metric, RedTeam, risk, service, siem, soc, software, supply-chain, threat, update, vulnerability, vulnerability-management
My Anton’s Security Blog (And Podcast!) Quarterly this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now with VIDEO). Gemini image for this. Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.…
-
SIEM Is Not Dead. It Just Stopped Moving Fast Enough.
I recently joined Tim Peacock and Anton Chuvakin on the Google Cloud Security Podcast to talk about SIEM, AI SOC, pricing, federated architecture, detection engineering, and why network telemetry is quietly becoming important again. The short version is simple: SIEM is not dead. Calling it obsolete makes for good marketing, but it is not a…
-
Mapping Your Defenses to What You Need, Not What You Inherited
There is a deceptive sense of security that comes with a crowded security architecture. We look at our environments and see a landscape filled with multiple vendor tools, SIEM dashboards pulsing with telemetry, and threat intelligence feeds. On paper, the organization looks hardened. The budget has been allocated, the tools have been deployed,…
-
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
Tags: access, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, detection, exploit, firewall, incident, incident response, infrastructure, insurance, ISO-27001, metric, mfa, monitoring, network, office, phishing, ransomware, regulation, resilience, risk, risk-management, service, siem, soc, stuxnet, supply-chain, tool, vpn, vulnerability, zero-day
Why everyone knows it’s burning, but nobody pulls the fire alarm: When I talk to OT managers, production leads or plant engineers, I rarely hear, “We didn’t know we had a problem.” Far more often, it’s, “We know it’s critical, but we can’t just shut it down.” This gap between awareness and action is the…
-
Leading Myanmar Fleet Management Company Yoma Fleet Selects AccuKnox SIEM to Replace Legacy Tools
Menlo Park, USA, March 10th, 2026, CyberNewswire AccuKnox, a leading Zero Trust Cloud-Native Application Protection Platform (CNAPP), today announced that Yoma Fleet, a premier fleet management and leasing company in Myanmar, has selected AccuKnox SIEM to secure its operations and enhance its cybersecurity infrastructure. Yoma Fleet, a part of the Singapore-listed Yoma Strategic Holdings Ltd,…
-
Leading Myanmar Fleet Management Company Yoma Fleet Selects AccuKnox SIEM to Replace Legacy Tools
Menlo Park, USA, 10th March 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/leading-myanmar-fleet-management-company-yoma-fleet-selects-accuknox-siem-to-replace-legacy-tools/
-
I replaced manual pen tests with automation. Here’s what I learned.
Tags: access, attack, breach, control, cvss, detection, exploit, infrastructure, intelligence, password, penetration-testing, ransomware, RedTeam, resilience, risk, service, siem, soc, tactics, tool, training, update, vulnerability, zero-day
The remediation black hole: Perhaps most frustrating was what happened after we received findings. Our teams would work diligently to implement fixes, but we rarely had the budget or opportunity to bring testers back to validate remediation. We were left with uncertainty. This gap between identification and verification created a dangerous blind spot in our…
-
Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/elastic-cloud-siem-manage-stolen/
-
4 ways to prepare your SOC for agentic AI
Tags: access, ai, attack, automation, best-practice, cloud, compliance, control, cybersecurity, data, defense, detection, edr, framework, governance, guide, identity, injection, intelligence, least-privilege, metric, mitre, radius, RedTeam, risk, siem, skills, soar, soc, threat, tool
Build capabilities for AI governance, content and quality: Upskilling existing analysts alone is not enough. As AI agents begin operating across tools, making decisions and triggering actions with minimal human involvement, the demands on the SOC will extend well beyond traditional analyst capabilities, experts say. Content engineering, for instance, is one emerging requirement. In an AI-enabled…
-
Fig Security Emerges From Stealth to Fix Broken Security Operations
Fig Security’s platform traces security data flows end-to-end across SIEMs, pipelines, and response systems to alert teams before infrastructure changes break critical defenses. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/fig-security-stealth-fix-broken-security-operations
-
Fig Security Raises $30M to Modernize SOC Infrastructure
Series A Funding Aims to Give Security Teams Visibility Into Complex SecOps Stacks. Fig Security has raised $30 million in Series A funding to help organizations modernize their SOC infrastructure. The startup said CISOs lack visibility into complex SecOps pipelines spanning SIEMs, data lakes and automation tools, which can lead to silent failures that undermine…
-
Configuration and Runtime: The PBJ of Effective Security Operations
For most of the security industry’s history, logs were the problem to solve. Attacks were easy to spot in events: failed logins, suspicious processes, and unexpected network connections. Infrastructure was relatively static, identities were long-lived, and configuration changed slowly enough to be treated as background context. SIEMs emerged to centralize logs, correlate activity across systems,…
-
Deepwatch® Expands SIEM-Agnostic Guardian MDR Platform with Support for Securonix®
Deepwatch Operationalizes Securonix with NEXA Agentic AI and 24/7 Elite SOC. Palo Alto, CA, February 24, 2026, Deepwatch, the leader in Precision MDR powered by AI + humans, today announced native support for Securonix, a six-time Leader in the Gartner® Magic Quadrant for SIEM, within the Deepwatch Guardian MDR Platform. The integration operationalizes Securonix’s Unified Defense…
-
Abstract Security Launches AI SIEM Platform to Analyze Threats In Real Time
Abstract Security today added a modular security information and event management (SIEM) platform to its portfolio that also makes use of artificial intelligence (AI) to surface threats in near real time. Company CEO Colby DeRodeff said the AI-Gen Composable SIEM enables cybersecurity teams to continuously stream data into an AI platform that is designed to…
-
The 20 Coolest Security Operations, Risk And Threat Intelligence Companies Of 2026: The Security 100
CRN’s Security 100 list of the coolest security operations, risk and threat intelligence companies includes providers of agentic SOC tools, SIEM platforms and threat intelligence feeds. First seen on crn.com Jump to article: www.crn.com/news/security/2026/the-20-coolest-security-operations-risk-and-threat-intelligence-companies-of-2026-the-security-100
-
Discipline is the new power move in cybersecurity leadership
Tags: automation, cyber, cybersecurity, data, group, incident response, intelligence, metric, risk, risk-management, service, siem, soc, technology, threat, tool, update, vulnerability, vulnerability-management
How to do more with less: 1. Review contracts, renegotiate them or change the operations to a new partner. Scope, service-level agreements and performance metrics should be revisited because many contracts were established under different risk profiles, urgency and pricing conditions. Modernizing contracts to focus on outcomes rather than activities, revalidating pricing and service assumptions…
-
Cyber attacks enabled by basic failings, Palo Alto analysis finds
Changing the paradigm: Unit 42’s answer to this endless cycle of attackers always being one step ahead of defenders is to change the paradigm: cybersecurity has become so specialized, it says, that the answer is to use a managed service built from the ground up to counter real rather than abstract threats. With that in mind,…
-
Turning IBM QRadar Alerts into Action with Criminal IP
Criminal IP now integrates with IBM QRadar SIEM and SOAR to bring external IP-based threat intelligence directly into detection and response workflows. See how risk scoring and automated enrichment help SOC teams prioritize high-risk IPs and accelerate investigations without leaving QRadar. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/turning-ibm-qradar-alerts-into-action-with-criminal-ip/
-
5 key trends reshaping the SIEM market
Tags: ai, api, attack, automation, business, cloud, compliance, crowdstrike, cyber, cybersecurity, data, detection, edr, google, guide, Hardware, ibm, identity, incident response, intelligence, jobs, monitoring, msp, network, nis-2, saas, service, siem, soar, startup, technology, threat, tool, vulnerability, vulnerability-management
Market split as midrange sales offset SME slump: A year on, Context’s data shows that this ongoing convergence of SIEM with security tools such as XDR and SOAR has triggered a structural split in the market. “Large midmarket firms are doubling down on unified platforms for compliance, while smaller organizations are investing less in SIEM entirely…
-
The SIEM Maturity Framework Workbook (v1.0): A Practical Scoring Tool for Security Analytics Platforms
Over the last few weeks I published a post on the architectural and operational gaps that created the new wave of SIEM and AI SOC vendors. A bunch of people asked the same follow-up question: “Ok, but how do I evaluate vendors consistently without falling back into feature checklists and marketing claims?” So I turned…

