Security News

Securonix, AWS partner on new cloud-native SIEM solution
2021-04-14 16:00

Cybersecurity firm Securonix has announced a new level to its collaboration with AWS that will allow AWS customers to use Securonix security information and event management software without ever leaving their current AWS hosting solutions. Securonix describes the new collaborative product as a "Bring your own cloud" program "Providing customers with deployment options that are aligned with their cloud strategies, data retention requirements and overall business needs."

LogRhythm NextGen SIEM Platform 7.7 offers enhanced detection and response capabilities
2021-04-07 01:15

LogRhythm announced the launch of version 7.7 of the LogRhythm NextGen SIEM Platform. The update introduces new features designed to streamline the threat detection and response process, including a new Timeline View that provides analysts with an easy-to-follow security narrative when investigating an incident.

How next-gen cloud SIEM tools can give critical visibility to companies for effective threat hunting
2021-01-15 16:39

When the move to the cloud was dramatically exacerbated by companies rapidly shifting to remote work, these tools fell short of supplying clear visibility into multiple environments and technology layers. The need to quickly adapt and scale to the new reality provided the perfect opportunity to accelerate the push to cloud, but outdated traditional security information and event management tools are not able to efficiently collect and process the high volume of telemetry generated by the multiple cloud services adopted as part of this push.

AttackIQ integrates Security Optimization Platform with Microsoft Azure Sentinel cloud-native SIEM platform
2020-10-28 01:15

AttackIQ announced its integration between the Microsoft Azure Sentinel cloud-native security information and event manager platform and the AttackIQ Security Optimization Platform. "We're delighted to announce AttackIQ's integration with Microsoft Azure Sentinel, and the opportunity to enable Azure Sentinel users to test and validate their detection pipeline and ultimately fine-tune security processes across their organization," said Dariush Afshar, VP of Platform & Business Development, AttackIQ. "With our integration with Azure Sentinel, Microsoft customers now have another powerful tool for optimizing their security investments, whether that be their Microsoft 365 Defender investments like Microsoft Defender for Endpoint, or third-party security products - such as nextgen firewall - that feed Azure Sentinel."

The brain of the SIEM and SOAR
2020-10-13 04:30

Because many organizations already have a SIEM, it seemed reasonable for the SOAR providers to start with automating the output from the SIEM tool or security platform console. So: Security controls send alerts to a SIEM > the SIEM uses rules written by the security team to filter down the number of alerts to a much smaller number, usually 1,000,000:1 > SIEM events are sent to the SOAR, where playbooks written by the security team use workflow automation to investigate and respond to the alerts.

The hackers and criminals are playing hardball – so here’s a cloud SIEM playbook to help you fight back
2020-09-28 17:00

Incident response and detection is a critical part of your security operation - it's hard to defend against what you can't see, particularly when your attack surface now extends from on-prem and into the cloud. Do you feel like it's the criminals and hackers who have grabbed all the benefits of moving to the cloud, being able to scale up their operations at will, leverage technologies like machine learning and AI, and exploit vulnerabilities left as target organizations hybridize their own operations.

Exabeam customers can now license its cloud SIEM technology by use case
2020-08-04 23:15

Exabeam customers can now license its cloud SIEM technology by use case, beginning with licensable use cases for expedited insider threat and compromised credential detection. To simplify the process of acquiring and installing critical security content, the company is unveiling the new Exabeam Content Library, an easy-to-use security content repository to help organisations deploy advanced use cases more efficiently.

Week in review: MacOS ransomware, attackers bypassing WAFs, how to select a SIEM solution
2020-07-05 13:10

How do I select a SIEM solution for my business?To select an appropriate SIEM solution for your business, you need to think about a variety of factors. New EvilQuest macOS ransomware is a smokescreen for other threatsA new piece of ransomware dubbed EvilQuest is being delivered bundled up with pirated versions of popular macOS software, researchers warned.

How do I select a SIEM solution for my business?
2020-07-01 05:00

To select an appropriate SIEM solution for your business, you need to think about a variety of factors. Many organizations are now migrating their SIEM to the cloud, which allows analysts to harness greater compute power, sift through, interpret and operationalize SIEM data.

Integrating a SIEM solution in a large enterprise with disparate global centers
2020-05-22 04:30

Given the magnitude and complexity of the tasks performed by a SIEM solution, integrating it into the existing information security architecture of an enterprise can be daunting, especially when it comes to a large enterprise with multiple, disparate centers spread across the globe. When it comes to a large enterprise with a global presence, the complexity only compounds further! Here's a look at some common mistakes that organizations commit while implementing a SIEM solution, which can later snowball into major threats.