Security Information and Event Management (SIEM) – Page 2

SOCs Spend 32% of the Day On Incidents That Pose No Threat

Posted on June 6, 2023 by Josh Nadeau

When it comes to the first line of defense for any company, its Security Operations Center (SOC) is an essential component. A SOC is a dedicated team of professionals who monitor networks and systems for potential threats, provide analysis of detected issues and take the necessary actions to remediate any risks they uncover. Unfortunately, SOC […]

The post SOCs Spend 32% of the Day On Incidents That Pose No Threat appeared first on Security Intelligence.

Continue reading SOCs Spend 32% of the Day On Incidents That Pose No Threat→

Detecting Insider Threats: Leverage User Behavior Analytics

Posted on June 2, 2023 by Joy Wang

Employees often play an unwitting role in many security incidents, from accidental data breaches to intentional malicious attacks. Unfortunately, most organizations don’t have the right protocols and processes to identify potential risks posed by their workforce. Based on a survey conducted by SANS Institute, 35% of respondents said they lack visibility into insider threats, while 30% […]

The post Detecting Insider Threats: Leverage User Behavior Analytics appeared first on Security Intelligence.

Continue reading Detecting Insider Threats: Leverage User Behavior Analytics→

How Zero Trust Changed the Course of Cybersecurity

Posted on April 17, 2023 by Jonathan Reed

For decades, the IT industry relied on perimeter security to safeguard critical digital assets. Firewalls and other network-based tools monitored and validated network access. However, the shift towards digital transformation and hybrid cloud infrastructure has made these traditional security methods inadequate. Clearly, the perimeter no longer exists. Then the pandemic turned the gradual digital transition […]

The post How Zero Trust Changed the Course of Cybersecurity appeared first on Security Intelligence.

Continue reading How Zero Trust Changed the Course of Cybersecurity→

The Important Role of SOAR in Cybersecurity

Posted on April 3, 2023 by Sue Poremba

Understaffed security teams need all the help they can get, and they are finding that help through SOAR. SOAR — security orchestration, automation and response — is defined by Gartner as the “technologies that enable organizations to collect inputs monitored by the security operations team.” Gartner identifies a SOAR platform’s three prime functionalities: Threat and […]

The post The Important Role of SOAR in Cybersecurity appeared first on Security Intelligence.

Continue reading The Important Role of SOAR in Cybersecurity→

SOAR, SIEM, SASE and Zero Trust: How They All Fit Together

Posted on March 7, 2023 by Jennifer Gregory

Cybersecurity in today’s climate is not a linear process. Organizations can’t simply implement a single tool or strategy to be protected from all threats and challenges. Instead, they must implement the right strategies and technologies for the organization’s specific needs and level of accepted risks. However, once the dive into today’s best practices and strategies […]

The post SOAR, SIEM, SASE and Zero Trust: How They All Fit Together appeared first on Security Intelligence.

Continue reading SOAR, SIEM, SASE and Zero Trust: How They All Fit Together→

When Logs Are Out, Enhanced Analytics Stay In

Posted on December 22, 2022 by Jackie Lehmann

I was talking to an analyst firm the other day. They told me that a lot of organizations purchase a security information and event management (SIEM) solution and then “place it on the shelf.” “Why would they do that?” I asked. I spent the majority of my career in hardware — enterprise hardware, cloud hardware, […]

The post When Logs Are Out, Enhanced Analytics Stay In appeared first on Security Intelligence.

Continue reading When Logs Are Out, Enhanced Analytics Stay In→

Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Posted on October 13, 2022 by Chris Meenan

Get the latest on IBM Security QRadar SIEM, recognized as a Leader in the 2022 Gartner Magic Quadrant. As I talk to security leaders across the globe, four main themes teams constantly struggle to keep up with are: The ever-evolving and increasing threat landscape Access to and retaining skilled security analysts Learning and managing increasingly […]

The post Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM appeared first on Security Intelligence.

Continue reading Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM→

How IBM Secured the 2022 US Open

Posted on September 21, 2022 by Jennifer Gregory

Throughout the US Open Tennis Championship, the infrastructure for USOpen.org and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not serious, security analysts must quickly determine which are concerning to take immediate action. However, with such a large volume and variety of data, security analysts […]

The post How IBM Secured the 2022 US Open appeared first on Security Intelligence.

Continue reading How IBM Secured the 2022 US Open→

Boost SAP Security With Zero Trust

Posted on July 19, 2022 by Ryan Throop

How can your organization improve its Systems Applications and Products (SAP) risk posture? Aligning with the key principles of zero trust through tangible and specific measures is one way. To begin, let’s define the principles of zero trust. We’ve all seen the types and breadth of zero trust out there. Which are most relevant to […]

The post Boost SAP Security With Zero Trust appeared first on Security Intelligence.

Continue reading Boost SAP Security With Zero Trust→

MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?

Posted on May 11, 2022 by Rich Erdmann

The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or as MITRE refers to them Tactics and Techniques, employed by threat actors. It offers annotated and curated details about those methods, and it provides the capability to visualize this data […]

The post MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be? appeared first on Security Intelligence.

Continue reading MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?→