How open source SIEM and XDR tackle evolving threats

October 9, 2024 at 12:11PM Today’s cybersecurity landscape demands advanced solutions like Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) to combat evolving threats. Open-source platforms, such as Wazuh, offer cost-effective, scalable, and customizable security, enabling organizations to enhance threat detection and response through real-time monitoring and automated capabilities. Meeting Takeaways: …

Cloud Security, PowerShell Expertise Emerge as Key SOC Analyst Skills

July 16, 2024 at 05:50PM The top three technologies for new hires in enterprise security operations centers (SOCs) are SIEM, host-based extended detection and response, and vulnerability remediation. Additionally, hard skills such as cloud security, PowerShell expertise, and automation are highly valued. Soft skills like critical thinking, problem solving, attention to detail, and communication are …

Guide to Better Extended Threat Detection and Response (XDR)

June 4, 2024 at 03:46PM The text is a guide to Extended Threat Detection and Response (XDR) by Trend Micro. It discusses the challenges faced by security teams, the need for efficient threat detection, and the benefits of XDR. It also explains different approaches, such as Native, Open, and Hybrid, and provides considerations for selecting …

Exploit released for maximum severity Fortinet RCE bug, patch now

May 28, 2024 at 12:25PM Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet’s FortiSIEM solution, impacting versions 6.4.0 and higher. Tracked as CVE-2024-23108, the flaw enables remote command execution as root without authentication. This PoC exploit could allow attackers to execute unauthorized commands and must be addressed promptly to …

Snowflake’s Anvilogic Investment Signals Changes in SIEM Market

May 22, 2024 at 03:50PM Snowflake and Anvilogic have deepened their partnership with a joint offering targeting business customers using Snowflake’s data storage and analytics software. The companies claim their solution would reduce costs by 50-80% and replace legacy SIEM platforms. The partnership reflects the growing importance of effective data management in cybersecurity. However, challenges …

CISOs Grapple With IBM’s Unexpected Cybersecurity Software Exit

May 17, 2024 at 06:31PM IBM has agreed to sell its QRadar SaaS portfolio to Palo Alto Networks, impacting CISOs’ procurement plans and vendor relationships. This deal, expected to close by September, includes a partnership for IBM Consulting to become a preferred MSSP for Palo Alto Networks customers. Customers now face decisions about migration paths …

Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam

May 15, 2024 at 02:06PM LogRhythm, owned by Thoma Bravo, plans to merge with rival Exabeam in a significant development in the SIEM landscape. The financial terms were not disclosed, but Exabeam’s recent valuation was $2.5 billion. The merged entity aims to leverage AI-driven security operations and bring enhanced R&D investments, product innovation, and expanded …

SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

May 13, 2024 at 06:22AM In the last decade, IT and cybersecurity have seen a growing gap between front-line analysts and senior management, leading to challenges like high alert volumes and false positives. The SHQ Response Platform offers AI-driven log correlation and visualization to streamline incident investigation, leading to proactive risk mitigation and a more …

Network Security Firm Corelight Raises $150 Million

May 2, 2024 at 10:03AM Corelight, an NDR company, secures $150M in a Series E funding round led by Accel, with support from Cisco Investments and CrowdStrike Falcon Fund. The San Francisco-based company, offering network traffic analysis and ground truth evidence of adversarial activity, plans to accelerate AI-driven security innovation and cloud-native security capabilities, in addition …

Multi-Data Platform SIEM Anvilogic Raises $45 Million

April 18, 2024 at 12:40PM Anvilogic, an AI-based multi-data platform SIEM, raised $45 million in Series C funding led by Evolution Equity Partners. Founded in 2019, the Palo Alto firm’s technology allows organizations to query and use data for detection and analytics, aiding in threat detection for airlines, banks, and large tech companies. The funding …