Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Get the latest on IBM Security QRadar SIEM, recognized as a Leader in the 2022 Gartner Magic Quadrant. As I talk to security leaders across the globe, four main themes teams constantly struggle to keep up with are: The ever-evolving and increasing threat landscape; Access to and retaining skilled security analysts; Learning and managing increasingly […]

The post Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM appeared first on Security Intelligence.

How IBM Secured the 2022 US Open

Throughout the US Open Tennis Championship, the infrastructure for USOpen.org and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not serious, security analysts must quickly determine which are concerning to take immediate action. However, with such a large volume and variety of data, security analysts […]

The post How IBM Secured the 2022 US Open appeared first on Security Intelligence.

MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?

The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or, as MITRE refers to them, Tactics and Techniques, employed by threat actors. It offers annotated and curated details about those methods, and it provides the capability to visualize this data […]

The post MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be? appeared first on Security Intelligence.

Integrating IAM and SIEM to Boost Event and Anomaly Detection

Sending information from your identity and access management (IAM) system to your security information and event management (SIEM) system can help you to find events and anomalies that you might not find otherwise. This can help you detect that an attacker has breached your systems. Your SIEM system might already be collecting a lot of […]

The post Integrating IAM and SIEM to Boost Event and Anomaly Detection appeared first on Security Intelligence.

Taking Threat Detection and Response to the Next Level with Open XDR

The challenges facing today’s security industry can easily be described as a perfect storm: increasingly sophisticated cyber attackers combined with the proliferation of security tools to cover an expanding attack surface driven by remote work and cloud adoption. These dynamics can lead to disconnected insights and data, putting even more pressure on the existing shortage […]

The post Taking Threat Detection and Response to the Next Level with Open XDR appeared first on Security Intelligence.

What’s Next for SIEM? A View From the 2021 Gartner SIEM Magic Quadrant

Security information and event management (SIEM) solutions continue to evolve, as shown in the 2021 Gartner Magic Quadrant for SIEM, which is a great representation of the changing security landscape and the evolution of key capabilities and experiences that are required to deliver top-notch security outcomes. Security teams are busier than ever, as their […]

The post What’s Next for SIEM? A View From the 2021 Gartner SIEM Magic Quadrant appeared first on Security Intelligence.

Zero Trust and Insider Threats: Was Brutus the Original Bad Actor?

Insider threats have been a problem for as long as there have been insiders. What’s changed over time? Well, for one, Brutus and his conspirators didn’t exactly leave a trail of logs and flows when they plotted against Julius Caesar and the Roman Republic. Fast forward 2,000 years, and there’s a good news/bad news update […]

The post Zero Trust and Insider Threats: Was Brutus the Original Bad Actor? appeared first on Security Intelligence.

Alert Fatigue: How AI Can Help You Address Your Most Important Alerts

When someone says the word hurricane, I hear the shrill weather-alert warning sound in my head. Having grown up in Florida and now living in North Carolina, I’ve been through many hurricanes and have the routine down — stock up on supplies and hurricane snacks, bring in the patio furniture, fill up the cars with […]

The post Alert Fatigue: How AI Can Help You Address Your Most Important Alerts appeared first on Security Intelligence.

Cloud Native Tools Series Part 3: Get the Right Tools

As we near the end of our journey into cloud native tools, let’s take a look at visibility. In a previous post, I discussed how business entities need to understand their end of the Amazon Web Services (AWS) shared security model to uphold their cloud defense duties. This knowledge can help them safeguard their digital […]

The post Cloud Native Tools Series Part 3: Get the Right Tools appeared first on Security Intelligence.

What Is SIEM and How Does it Work? The Past, Present and Future

Security information and event management (SIEM) solutions provide organizations centralized visibility into their IT and even sometimes OT environments. At a high level, a SIEM turns data into actionable insights by: Ingesting a vast amount of event data from across the enterprise, including on-premise and cloud-based environments; Applying real-time analytics to aggregate related security events […]

The post What Is SIEM and How Does it Work? The Past, Present and Future appeared first on Security Intelligence.
