Must-Have Features of a Modern SIEM

Initially, Security Information and Event Management (SIEM) solutions were readily adopted because of their capability to provide actionable insights into the deep corners of an organization’s network. Legacy SIEM systems helped in understanding when and where security incidents are happening in real-time. Soon enough, these SIEM systems faced an avalanche of false positives, and they required a dedicated team to filter out irrelevant alerts.

Investigate Stormshield & SonicWall Events with Cloud SIEM

Stormshield and SonicWall are popular firewalls used to monitor network traffic for malicious actors. Firewalls can help detect all kinds of attacks, like brute force logins, DDoS, and SQL Injection, but they just make up a piece of the security puzzle. Most teams will have many other security tools that address different kinds of vulnerabilities and attacks.

Secure Your Endpoints with Trend Micro &

Trend Micro Cloud One is a strong enterprise data security solution for data centers and cloud environments. Trend Micro’s advantages, like most other security tools, lie in its pairing with other security resources. That’s where comes in. It brings together disparate data that Trend Micro tracks to create fully summarized dashboards and extremely detailed ones with specific focuses.


Cybersecurity Experts Discuss: SIEM Enrichment

Ben Harrison, Director SOC and Security Services at Cygilant and Jake McCabe, CISSP, Presales Director at LogPoint discuss why SIEM enrichment is essential to cybersecurity and how it improves your SOC. A mountain of data doesn’t do businesses any good unless it is put to good use. This is why data enrichment is essential.

5 Things to Know When Choosing Open Source SIEM Tools

Security Information and Event Management (SIEM) tools focus on insights into IT environments and tracking records of all their operations. These IT environments can be application infrastructures, physical networks, and cloud networks. SIEM initially evolved from the log management discipline, which involved integrating security events with security information to collect, analyze, and report on activities in networks.

Sumo Logic Cloud SIEM overview

Sumo Logic's Cloud SIEM solution provides security analysts with enhanced visibility to seamlessly monitor their on-prem, hybrid, and multi-cloud infrastructures and thoroughly understand the impact and context of an attack. In addition to supporting a wide spectrum of security use cases, including audit & compliance, Sumo Logic fused analytics and SOC automation to perform security analyst workflows and automatically triage alerts—increasing human efficiencies and enabling analysts to focus on higher-value security functions.

Cybersecurity Experts Discuss: Frameworks & MITRE ATT&CK

Ben Harrison, Director SOC and Security Services, Cygilant and Jake McCabe, CISSP, Presales Director, LogPoint continue their discussion on modern SOC and SIEM by discussing frameworks. There are many cybersecurity frameworks examples, including NIST and ISO 27001, which provide a roadmap for organizations to protect themselves and their customers. The majority of these frameworks include SIEM, log management, and security detection.

Sponsored Post

Validating your IT environment, discovering browser extensions & more with EventSentry v4.2

This latest update to EventSentry improves your security posture with validation scripts, simplifies IT troubleshooting for both administrators and users, gives you visibility into installed browser extensions along with many other usability improvements in the web reports.


Data Management on Logsign SIEM: What you must know

Log data plays an unparalleled role in the operation and functioning of a SIEM solution. Or in other words, logs are intrinsic for an effective SIEM solution. Without incoming log data from a variety of different sources in your IT infrastructure, a SIEM essentially becomes useless. In our previous posts, we have explored a variety of features of Logsign SIEM concerning dashboards, reports, search queries, alerts, and behavior definitions.