Tag: siem
-
US, allies push for immediate SIEM, SOAR implementation
First seen on scworld.com Jump to article: www.scworld.com/brief/us-allies-push-for-immediate-siem-soar-implementation
-
Why Rumors of SIEM’s Demise Are Greatly Exaggerated
Tags: siem
First seen on scworld.com Jump to article: www.scworld.com/perspective/why-rumors-of-siems-demise-are-greatly-exaggerated
-
CISA Releases Executive Guide on SIEM and SOAR Platforms for Rapid Threat Detection
In today’s rapidly evolving threat landscape, Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms have become foundational to organizational cybersecurity strategies. SIEM platforms collect, centralize, and analyze log data from diverse sources, such as endpoints, servers, cloud services, and network devices, using correlation rules and filters to detect anomalous…
-
New Russian APT group Void Blizzard targets NATO-based orgs after infiltrating Dutch police
Tags: access, api, apt, attack, authentication, blizzard, cloud, credentials, data, defense, detection, edr, email, fido, framework, group, hacker, identity, least-privilege, login, mfa, microsoft, open-source, passkey, password, phishing, qr, risk, russia, siem, spear-phishing, switch, threat, tool
Switch to spear phishing: In recent months the group seems to have pivoted from password spraying to targeted spear phishing attacks that direct users to fake Microsoft Entra login pages using adversary-in-the-middle (AitM) techniques. Such a campaign led to the compromise of 20 NGOs in April. In its campaign against NGOs, Void Blizzard sent emails masquerading…
-
Government Calls on Organizations to Adopt SIEM and SOAR Solutions
In a landmark initiative, international cybersecurity agencies have released a comprehensive series of publications to guide organizations through the implementation and prioritization of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. These resources aim to help both executives and practitioners navigate the complexities of modern cyber defense, from procurement…
-
A Hyperscaler for Cybersecurity
Tags: access, automation, business, cloud, compliance, computing, control, cybersecurity, data, detection, edr, endpoint, group, infrastructure, intelligence, mssp, network, service, siem, soc, software, threat, tool, update
Hyperscalers like AWS and GCP have transformed IT and general tech. Now it’s time for the cybersecurity industry to catch up by shifting to specialized hyperscaler platforms built for security operations (SecOps) at scale. Why the cybersecurity industry needs its own hyperscaler: IT hyperscalers evolved to meet the challenges of web-scale computing back in the…
-
Threat intelligence platform buyer’s guide: Top vendors, selection advice
Tags: ai, attack, automation, breach, cloud, computing, credentials, crowdstrike, cyber, cybersecurity, dark-web, data, data-breach, deep-fake, detection, dns, edr, email, endpoint, exploit, finance, firewall, fraud, gartner, google, group, guide, identity, incident response, infrastructure, intelligence, kubernetes, law, malicious, malware, microsoft, mitigation, monitoring, network, open-source, phishing, privacy, risk, service, siem, soar, soc, sophos, sql, supply-chain, technology, threat, tool, vpn, vulnerability, zero-day
The Cybersecurity and Infrastructure Security Agency (CISA) found that since 2023 the majority of exploits were zero-days, that is, vulnerabilities unknown to the vendor at the time they were first exploited. And according to the latest Verizon Data Breach Investigations Report (DBIR), the percentage of AI-assisted malicious emails doubled to 10% of the totals they observed over the past two years, making staying…
-
Palo Alto Networks CEO Nikesh Arora: SIEM’s Days Are Numbered
It’s inevitable that traditional SIEM will be displaced by AI-powered, ‘new age players’ such as Palo Alto Networks’ Cortex XSIAM, CEO Nikesh Arora said during a quarterly call Tuesday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/palo-alto-networks-ceo-nikesh-arora-siem-s-days-are-numbered
-
Let’s Talk About SaaS Risk Again… This Time, Louder.
By Kevin Hanes, CEO of Reveal Security A few weeks ago, I shared a thought that sparked a lot of discussion: SaaS is not a black box we can ignore. It’s a rich, dynamic attack surface and one that attackers are increasingly targeting. That urgency was echoed powerfully in JPMorgan CISO Patrick Opet’s open letter…
-
Security Gamechangers: CrowdStrike’s AI-Native SOC Next Gen SIEM Take Center Stage at RSAC 2025
CrowdStrike introduced several enhancements to its Falcon cybersecurity platform and Falcon Next-Gen SIEM at the RSA Conference 2025, highlighting artificial intelligence, managed threat hunting and operational efficiencies aimed at transforming modern Security Operations Centers (SOC). First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/security-gamechangers-crowdstrikes-ai-native-soc-next-gen-siem-take-center-stage-at-rsac-2025/
-
Golem Karrierewelt: Live webinar: Microsoft Sentinel – SIEM in the cloud
In the livestream, Aaron Siller shows how Sentinel, as a cloud-native SIEM solution, can best be integrated into the security stack. First seen on golem.de Jump to article: www.golem.de/news/golem-karrierewelt-live-webinar-microsoft-sentinel-siem-in-der-cloud-2505-196009.html
-
Top tips for successful threat intelligence usage
Tags: ai, attack, automation, cloud, computing, data, ddos, detection, exploit, firewall, group, guide, incident response, infosec, infrastructure, intelligence, law, mitigation, network, phishing, siem, skills, soar, software, threat, tool, update, vulnerability, vulnerability-management
Make sure you don’t have more intel than you need: Next is the matching phase: the most sophisticated TIP may be overkill if you have a small infosec department with limited skills or have a relatively simple computing environment. According to this 2025 report from Greynoise, threat feeds must match your own environment in terms…
-
Top cybersecurity products showcased at RSA 2025
Tags: access, ai, attack, automation, awareness, breach, cisco, compliance, control, crowdstrike, cyber, cybersecurity, data, defense, detection, edr, email, firewall, fortinet, framework, identity, incident response, infrastructure, injection, intelligence, login, malicious, open-source, phishing, risk, siem, soc, threat, tool, training, update, vulnerability, zero-trust
Cisco: Foundation AI Security Model: Cisco introduced its Foundation AI Security Model, an open-source framework designed to standardize safety protocols across AI models and applications. This initiative aims to address the growing concerns around AI security and ensure safer AI deployments. Cisco also unveiled new agentic AI features in its XDR and Splunk platforms, along…
-
What is EDR? An analytical approach to endpoint security
Tags: access, android, antivirus, api, attack, automation, breach, cloud, corporate, data, defense, detection, edr, email, endpoint, firewall, incident response, infection, infosec, infrastructure, intelligence, Intruder, linux, macOS, malicious, malware, network, service, siem, soar, software, threat, tool, training
EDR vs. antivirus: What’s the difference?: Antivirus software has similar goals to EDR, in that it aims to block malware from installing on and infecting endpoints (usually user PCs). The difference is that antivirus spots malicious activity by trying to match it to signatures, known patterns of code execution or behavior that the security community…
-
Huntress Launches Managed SIEM to Simplify and Expand Cybersecurity Access
First seen on scworld.com Jump to article: www.scworld.com/news/huntress-launches-managed-siem-to-simplify-and-expand-cybersecurity-access
-
5 Big Palo Alto Networks Launches On XSIAM, SASE, AI Security
Palo Alto Networks unveiled the next version of its SIEM replacement offering with the debut of Cortex XSIAM 3.0, as well as updates to Prisma SASE and AI security, as RSAC 2025 got underway Monday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/5-big-palo-alto-networks-launches-on-xsiam-sase-ai-security
-
NSFOCUS ISOP Receives International Recognition: AI Drives Enterprise Security Operations from “Complex” to “Simple”
Santa Clara, Calif., April 27, 2024. Recently, NSFOCUS Intelligent Security Operations Platform (NSFOCUS ISOP) was once again recognized by the internationally renowned consulting firm Frost & Sullivan and won the 2024 “Global Modern SIEM Technology Innovation Leadership Award”. Frost & Sullivan Best Practices Recognition awards companies each year in a variety of regional and global…
-
Gurucul introduces self-driving SIEM powered by AI enhancements
Gurucul announced a quantum leap forward with a self-driving SIEM powered by extensive AI enhancements and infused within a revamped AI-centric user interface for improved and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/17/gurucul-siem/
-
The Fastest Way to Secure Your APIs? We’ve Got That Covered with CrowdStrike
Tags: api, attack, cloud, crowdstrike, data, data-breach, endpoint, firewall, governance, identity, intelligence, risk, security-incident, siem, threat, tool, vulnerability
APIs are the backbone of modern apps, but they also introduce some serious security risks. Attackers are constantly on the lookout for vulnerable APIs, shadow APIs, zombie APIs, and exposed sensitive data, all of which are tough to track if you don’t have the right tools in place. That’s why we’ve teamed up with CrowdStrike…
-
Open-source security in a hands-on check – Wazuh tested: a flexible SIEM with XDR functions
First seen on security-insider.de Jump to article: www.security-insider.de/wazuh-open-source-siem-xdr-loesung-test-a-ba210f6ea5a61cdda169bfbf9b6f43f8/
-
Real-time analysis and response – What is a SIEM?
Tags: siem
First seen on security-insider.de Jump to article: www.security-insider.de/was-ist-ein-siem-a-2d865b4b9615679a7e850ccf85b19f23/
-
The Future of Security Operations: Why Next-Gen SIEM is a Necessity
Tags: siem
Transitioning to a modern SIEM model can achieve significant cost savings while enhancing security visibility and operational efficiency. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/the-future-of-security-operations-why-next-gen-siem-is-a-necessity/
-
Visibility, Monitoring Key to Enterprise Endpoint Strategy
A successful enterprise security defense requires a successful endpoint security effort. With options ranging from EDR, SIEM, SOAR, and more, how do security teams cut through the clutter and focus on what matters? First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/visibility-monitoring-key-to-enterprise-endpoint-strategy
-
AI promises to create a ‘SIEM Renaissance’ in the SOC
First seen on scworld.com Jump to article: www.scworld.com/perspective/ai-promises-to-create-a-siem-renaissance-in-the-soc
-
CrowdStrike Turns to Partners to Push Next-Gen SIEM Adoption
First seen on scworld.com Jump to article: www.scworld.com/news/crowdstrike-turns-to-partners-to-push-next-gen-siem-adoption
-
Rising attack exposure, threat sophistication spur interest in detection engineering
Tags: access, ai, attack, automation, banking, ceo, ciso, cloud, compliance, cyber, cybersecurity, data, detection, endpoint, exploit, finance, framework, healthcare, infrastructure, insurance, intelligence, LLM, malware, mitre, network, programming, ransomware, RedTeam, risk, sans, siem, software, supply-chain, tactics, technology, threat, tool, update, vulnerability, zero-day
More than the usual threat detection practices: Proponents argue that detection engineering differs from traditional threat detection practices in approach, methodology, and integration with the development lifecycle. Threat detection processes are typically more reactive and rely on pre-built rules and signatures from vendors that offer limited customization for the organizations using them. In contrast, detection…
-
Getting the Most Value Out of the OSCP: The PEN-200 Labs
Tags: access, ai, attack, compliance, container, cyber, cybersecurity, dns, docker, exploit, firewall, guide, hacking, Hardware, infrastructure, intelligence, jobs, kubernetes, microsoft, mitigation, network, open-source, oracle, penetration-testing, powershell, risk, security-incident, service, siem, skills, technology, tool, training, vmware, vulnerability, windows
How to leverage the PEN-200 simulated black-box penetration testing scenarios for maximal self-improvement and career success. Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements. I have not been sponsored or incentivized in any way to recommend or oppose any…

