SIEM, log management and big data security analytics

Scanning and interpreting the plethora of alerts and logs produced each day by various stand-alone network devices isn't humanly possible. Learn how to use security information and event management (SIEM) technology and security analytics to a analyze vast amounts of data and provide real-time threat and incident response.

February 24, 2020 24 Feb'20
Cisco launches SecureX platform for integrated security

At RSA Conference 2020, Cisco unveiled SecureX, which integrates the vendor's security portfolio into a single platform with enhanced visibility and automation.
December 26, 2019 26 Dec'19
Siemplify looks to streamline security operations for enterprises

Siemplify aims to become the security equivalent of Salesforce. Chief strategy officer Nimmy Reichenberg discusses the company's plans for 2020 and the obstacles it faces.
November 21, 2019 21 Nov'19
IBM Cloud Pak for Security aims to unify hybrid environments

IBM Security is shifting its strategy with a new Cloud Pak designed specifically to unify data from multiple security tools and vendors through accessing federated data.
October 30, 2019 30 Oct'19
Splunk Mission Control launch enables a unified SOC

Mission Control is intended to unify Splunk Enterprise Security, Splunk Phantom and Splunk User Behavior Analytics into the Splunk Security Operations Suite.

Bring yourself up to speed with our introductory content

SOAR (Security Orchestration, Automation and Response)

SOAR (Security Orchestration, Automation and Response) is a solution stack of compatible software programs that allow an organization to collect data about security threats, and respond to low-level security events without human assistance. Continue Reading
Try this cybersecurity quiz, test your cyberdefense smarts

Based on the November 2020 issue of Information Security magazine, this 10-question quiz lets you check your comprehensive knowledge of current security issues and earn CPE credit too. Continue Reading
AI in security analytics is the enhancement you need

AI-powered analytics is critical to an effective, proactive security strategy. Learn how AI-enabled tools work and what your organization needs to do to reap their benefits. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Extended detection and response tools take EDR to next level

Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading
How cloud-based SIEM tools benefit SOC teams

It's time for SIEM to enter the cloud age. Learn about the cloud-based SIEM features that can help SOC teams gain a holistic view of their organization's cloud infrastructure. Continue Reading
Compare 5 SecOps certifications and training courses

Explore five SecOps certifications available to IT professionals looking to demonstrate and enhance their knowledge of threat monitoring and incident response. Continue Reading

Learn to apply best practices and optimize your operations.

2021 IT priorities require security considerations

AI, IoT and 5G are among the top IT priorities for CIOs and CTOs in 2021. Is your team prepared to address each tech's security needs? Continue Reading
Building an effective security operations center framework

An effective security operations center framework combines monitoring and analysis platforms and threat intelligence services to help organizations respond to risks quickly. Continue Reading
Key SOC metrics and KPIs: How to define and use them

Enterprises struggle to get the most out of their security operation centers. Using the proper SOC metrics and KPIs can help. Learn how to define and benefit from them here. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to address and prevent security alert fatigue

An influx of false positive security alerts can lead infosec pros to overlook real threats. Learn how to avoid security alert fatigue and avoid its potential consequences. Continue Reading
Considerations for SIEM logging software and storage

SIEM systems aggregate a lot of data across all types of infrastructure. For regular audits, admins should address notification settings, analysis protocols and storage locations. Continue Reading
How to prepare for ransomware and phishing attacks

Follow these best practices to properly prepare for ransomware and phishing attacks, as well as further steps to stay secure in the face of a pandemic or widespread health event. Continue Reading