Security Information and Event Management (SIEM) – Page 2

The Important Role of SOAR in Cybersecurity

Posted on April 3, 2023 by Sue Poremba

Understaffed security teams need all the help they can get, and they are finding that help through SOAR. SOAR — security orchestration, automation and response — is defined by Gartner as the “technologies that enable organizations to collect inputs monitored by the security operations team.” Gartner identifies a SOAR platform’s three prime functionalities: Threat and […]

The post The Important Role of SOAR in Cybersecurity appeared first on Security Intelligence.

Continue reading The Important Role of SOAR in Cybersecurity→

SOAR, SIEM, SASE and Zero Trust: How They All Fit Together

Posted on March 7, 2023 by Jennifer Gregory

Cybersecurity in today’s climate is not a linear process. Organizations can’t simply implement a single tool or strategy to be protected from all threats and challenges. Instead, they must implement the right strategies and technologies for the organization’s specific needs and level of accepted risks. However, once the dive into today’s best practices and strategies […]

The post SOAR, SIEM, SASE and Zero Trust: How They All Fit Together appeared first on Security Intelligence.

Continue reading SOAR, SIEM, SASE and Zero Trust: How They All Fit Together→

When Logs Are Out, Enhanced Analytics Stay In

Posted on December 22, 2022 by Jackie Lehmann

I was talking to an analyst firm the other day. They told me that a lot of organizations purchase a security information and event management (SIEM) solution and then “place it on the shelf.” “Why would they do that?” I asked. I spent the majority of my career in hardware — enterprise hardware, cloud hardware, […]

The post When Logs Are Out, Enhanced Analytics Stay In appeared first on Security Intelligence.

Continue reading When Logs Are Out, Enhanced Analytics Stay In→

Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Posted on October 13, 2022 by Chris Meenan

Get the latest on IBM Security QRadar SIEM, recognized as a Leader in the 2022 Gartner Magic Quadrant. As I talk to security leaders across the globe, four main themes teams constantly struggle to keep up with are: The ever-evolving and increasing threat landscape Access to and retaining skilled security analysts Learning and managing increasingly […]

The post Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM appeared first on Security Intelligence.

Continue reading Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM→

How IBM Secured the 2022 US Open

Posted on September 21, 2022 by Jennifer Gregory

Throughout the US Open Tennis Championship, the infrastructure for USOpen.org and the mobile apps can see upwards of 3 million security events. While the vast majority of events are not serious, security analysts must quickly determine which are concerning to take immediate action. However, with such a large volume and variety of data, security analysts […]

The post How IBM Secured the 2022 US Open appeared first on Security Intelligence.

Continue reading How IBM Secured the 2022 US Open→

Boost SAP Security With Zero Trust

Posted on July 19, 2022 by Ryan Throop

How can your organization improve its Systems Applications and Products (SAP) risk posture? Aligning with the key principles of zero trust through tangible and specific measures is one way. To begin, let’s define the principles of zero trust. We’ve all seen the types and breadth of zero trust out there. Which are most relevant to […]

The post Boost SAP Security With Zero Trust appeared first on Security Intelligence.

Continue reading Boost SAP Security With Zero Trust→

MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?

Posted on May 11, 2022 by Rich Erdmann

The MITRE ATT&CK threat framework is seemingly everywhere these days, and with good reason. It is an invaluable tool for understanding the various methods, or as MITRE refers to them Tactics and Techniques, employed by threat actors. It offers annotated and curated details about those methods, and it provides the capability to visualize this data […]

The post MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be? appeared first on Security Intelligence.

Continue reading MITRE ATT&CK and SIEM Rules: What Should Your Expectations Be?→

Integrating IAM and SIEM to Boost Event and Anomaly Detection

Posted on March 16, 2022 by Tobias Ernstberger

Sending information from your identity and access management (IAM) system to your security information and event management (SIEM) system can help you to find events and anomalies that you might not find otherwise. This can help you detect that an attacker has breached your systems. Your SIEM system might already be collecting a lot of […]

The post Integrating IAM and SIEM to Boost Event and Anomaly Detection appeared first on Security Intelligence.

Continue reading Integrating IAM and SIEM to Boost Event and Anomaly Detection→

A Journey in Organizational Resilience: The Data Life Cycle

Posted on November 15, 2021 by George Platsis

With so many efforts focused on restoring systems, applications and workloads, it is easy to miss an important piece: the data that makes business processes possible. A fully restored system is as good as offline if you don’t have the data required to work. Let’s face it: in the past, technology drove business capabilities. Today, […]

The post A Journey in Organizational Resilience: The Data Life Cycle appeared first on Security Intelligence.

Continue reading A Journey in Organizational Resilience: The Data Life Cycle→

A Journey in Organizational Resilience: Supply Chain and Third Parties

Posted on November 8, 2021 by George Platsis

The next stop on our journey focuses on those that you rely on: supply chains and third parties. Working with external partners can be difficult. But, there is a silver lining. Recent attacks have resulted in an industry wake-up call when it comes to cybersecurity resilience. You see, the purpose of using external partners is […]

The post A Journey in Organizational Resilience: Supply Chain and Third Parties appeared first on Security Intelligence.

Continue reading A Journey in Organizational Resilience: Supply Chain and Third Parties→