SIEM, log management and big data security analytics

Scanning and interpreting the plethora of alerts and logs produced each day by various stand-alone network devices isn't humanly possible. Learn how to use security information and event management (SIEM) technology and security analytics to a analyze vast amounts of data and provide real-time threat and incident response.

March 04, 2021 04 Mar'21
Microsoft's security roadmap goes all-in on 365 Defender

Microsoft 365 Defender's new threat analytics feature includes step-by-step reports on attacks, vulnerabilities and more, as well as links to relevant alerts in each report.
February 24, 2020 24 Feb'20
Cisco launches SecureX platform for integrated security

At RSA Conference 2020, Cisco unveiled SecureX, which integrates the vendor's security portfolio into a single platform with enhanced visibility and automation.
December 26, 2019 26 Dec'19
Siemplify looks to streamline security operations for enterprises

Siemplify aims to become the security equivalent of Salesforce. Chief strategy officer Nimmy Reichenberg discusses the company's plans for 2020 and the obstacles it faces.
November 21, 2019 21 Nov'19
IBM Cloud Pak for Security aims to unify hybrid environments

IBM Security is shifting its strategy with a new Cloud Pak designed specifically to unify data from multiple security tools and vendors through accessing federated data.

Bring yourself up to speed with our introductory content

SOAR (security orchestration, automation and response)

SOAR (security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events without human assistance. Continue Reading
How to set up Palo Alto security profiles

Learning how to build and implement security profiles and policies can help novice admins make sure they use Palo Alto Networks firewalls effectively to protect their network. Continue Reading
Author's advice on Palo Alto firewall, getting started

Interfaces, licenses, policies -- getting started with a Palo Alto Networks firewall can be confusing. Here, the author of 'Mastering Palo Alto Networks' offers his advice. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Top 6 SOAR uses cases to implement in enterprise SOCs

Automating basic SOC workflows with SOAR can improve an organization's security posture. Explore six SOAR use cases to streamline SOC processes and augment human analysts. Continue Reading
Top benefits of SOAR tools, plus potential pitfalls to consider

To ensure successful adoption, IT leaders need to understand the benefits of SOAR tools, as well as potential disadvantages. Explore pros, cons and how to measure SOAR success. Continue Reading
SOAR vs. SIEM: What's the difference?

When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data. Continue Reading

Learn to apply best practices and optimize your operations.

2021 IT priorities require security considerations

AI, IoT and 5G are among the top IT priorities for CIOs and CTOs in 2021. Is your team prepared to address each tech's security needs? Continue Reading
Building an effective security operations center framework

An effective security operations center framework combines monitoring and analysis platforms and threat intelligence services to help organizations respond to risks quickly. Continue Reading
Key SOC metrics and KPIs: How to define and use them

Enterprises struggle to get the most out of their security operation centers. Using the proper SOC metrics and KPIs can help. Learn how to define and benefit from them here. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

How to address and prevent security alert fatigue

An influx of false positive security alerts can lead infosec pros to overlook real threats. Learn how to avoid security alert fatigue and avoid its potential consequences. Continue Reading
Considerations for SIEM logging software and storage

SIEM systems aggregate a lot of data across all types of infrastructure. For regular audits, admins should address notification settings, analysis protocols and storage locations. Continue Reading
How to prepare for ransomware and phishing attacks

Follow these best practices to properly prepare for ransomware and phishing attacks, as well as further steps to stay secure in the face of a pandemic or widespread health event. Continue Reading