You Can't Detect What You Never Collect: Telemetry Coverage in the Agentic SOC

Every detection rule, every threat hunt, every AI agent you deploy rests on one silent assumption: that the data describing an attack actually reached your tools. When it doesn’t, nothing above it can save you, and no one gets an alert that the data was missing. Security teams invest heavily in the sharp end of the stack: detection content, threat intelligence, response playbooks, and increasingly, AI agents to triage and investigate at machine speed.

Sanctioned Isn't Secured: The AI Audit Logs Your SIEM Never Sees

Your organization has approved AI platforms for development, data science, and productivity. Procurement signed off. Legal reviewed the terms. Employees are using them. The tools are sanctioned. What isn’t sanctioned is invisibility. The administrative layer of every AI platform in your environment — OpenAI, Amazon Bedrock, Google Gemini, Cursor, Databricks, Glean and others — generates security-relevant events that your SIEM has never seen.

DataStream 2.0: Faster, Smarter, Built for Scale

June 19, 2026. This is not a regular monthly update. DataStream Version 2.0 is a milestone — the result of relentless building, learning from customers, and pushing the platform toward what enterprise-scale security operations actually demand. The core has been rebuilt, new capabilities have been added across the board, and the platform is now faster, more resilient, and more extensible than ever. Here’s what’s new.

The AI Zero-Day Wave Is Here. Is Your Logging Infrastructure Ready?

Last week, the cybersecurity industry received a signal it cannot afford to ignore. Anthropic announced Claude Mythos Preview: a general-purpose frontier AI model that, without any explicit training for the task, autonomously discovered and fully exploited zero-day vulnerabilities across every major operating system and web browser. Not theoretical capabilities.

VirtualMetric DataStream - Turn Chaos Into Clarity

Security teams lose time and detection quality to the same root cause: inconsistent, noisy, poorly structured data. VirtualMetric DataStream is a security data pipeline platform that fixes the data layer — so your SIEM, data lake, and analytics tools get clean, normalized, actionable telemetry. What DataStream delivers: The result: reliable security telemetry, faster threat correlation, and stronger detections across your entire stack.

VirtualMetric DataStream: Full setup from scratch in 14 minutes (v1.8.0)

From free trial signup to live security telemetry flowing into Microsoft Sentinel — this demo covers the full DataStream setup end to end, in under 14 minutes. No pre-built environment, no shortcuts. Watch the step-by-step tutorials.

Real-Time Visibility, Orchestrated Deployments, and More

The latest VirtualMetric DataStream release brings a significant step forward in platform observability and deployment flexibility. Version 1.9.0 gives security and infrastructure teams direct visibility into what’s happening across their pipelines in real time while expanding support for cloud-native environments and broadening connectivity options. Here’s what’s new.

VirtualMetric DataStream + Splunk: Pre-Ingest CIM Normalization Without the TA Tax

Splunk is built around a deceptively simple premise: get your data in, search it, and act on it. In practice, the gap between “get your data in” and “data that actually works in Splunk ES” is where most of the engineering effort goes. CIM normalization is non-trivial. Technology Add-on development is slow. Volume-based licensing penalizes growth. And the combination means that as environments expand, Splunk becomes harder to operate efficiently.