SIEM, log management and big data security analytics

Scanning and interpreting the plethora of alerts and logs produced each day by various stand-alone network devices isn't humanly possible. Learn how to use security information and event management (SIEM) technology and security analytics to a analyze vast amounts of data and provide real-time threat and incident response.

March 04, 2021 04 Mar'21
Microsoft's security roadmap goes all-in on 365 Defender

Microsoft 365 Defender's new threat analytics feature includes step-by-step reports on attacks, vulnerabilities and more, as well as links to relevant alerts in each report.
February 24, 2020 24 Feb'20
Cisco launches SecureX platform for integrated security

At RSA Conference 2020, Cisco unveiled SecureX, which integrates the vendor's security portfolio into a single platform with enhanced visibility and automation.
December 26, 2019 26 Dec'19
Siemplify looks to streamline security operations for enterprises

Siemplify aims to become the security equivalent of Salesforce. Chief strategy officer Nimmy Reichenberg discusses the company's plans for 2020 and the obstacles it faces.
November 21, 2019 21 Nov'19
IBM Cloud Pak for Security aims to unify hybrid environments

IBM Security is shifting its strategy with a new Cloud Pak designed specifically to unify data from multiple security tools and vendors through accessing federated data.

Bring yourself up to speed with our introductory content

SIEM vs. SOAR vs. XDR: Evaluate the differences

SIEM, SOAR and XDR share similar definitions, but each has distinct drawbacks. Learn what each offers and how they differ for help deciding which to deploy in your company. Continue Reading
What are port scan attacks and how can they be prevented?

Port scans provide data on how networks operate. In the wrong hands, this info could be part of a larger malicious scheme. Learn how to detect and defend against port scan attacks. Continue Reading
SOAR (security orchestration, automation and response)

SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events without human assistance. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Security observability tools step up threat detection, response

A step beyond security monitoring are security observability tools, which provide greater context into the events of an incident to perform a more effective response. Continue Reading
How to build a cloud security observability strategy

Security observability in the cloud involves more than workload monitoring. Read up on the essential observability components and tools needed to reap the security benefits. Continue Reading
Top 6 SOAR uses cases to implement in enterprise SOCs

Automating basic SOC workflows with SOAR can improve an organization's security posture. Explore six SOAR use cases to streamline SOC processes and augment human analysts. Continue Reading

Learn to apply best practices and optimize your operations.

2021 IT priorities require security considerations

AI, IoT and 5G are among the top IT priorities for CIOs and CTOs in 2021. Is your team prepared to address each tech's security needs? Continue Reading
Building an effective security operations center framework

An effective security operations center framework combines monitoring and analysis platforms and threat intelligence services to help organizations respond to risks quickly. Continue Reading
Key SOC metrics and KPIs: How to define and use them

Enterprises struggle to get the most out of their security operation centers. Using the proper SOC metrics and KPIs can help. Learn how to define and benefit from them here. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to address and prevent security alert fatigue

An influx of false positive security alerts can lead infosec pros to overlook real threats. Learn how to avoid security alert fatigue and avoid its potential consequences. Continue Reading
Considerations for SIEM logging software and storage

SIEM systems aggregate a lot of data across all types of infrastructure. For regular audits, admins should address notification settings, analysis protocols and storage locations. Continue Reading
How to prepare for ransomware and phishing attacks

Follow these best practices to properly prepare for ransomware and phishing attacks, as well as further steps to stay secure in the face of a pandemic or widespread health event. Continue Reading