SIEM

How to Optimize SIEM for Better Cybersecurity and Incident Response

Cybersecurity today is not just about defending against attacks. It’s about proactively managing risks in a landscape where threats are growing in volume and sophistication. With data volumes rising by 30% in just the past year and the average cost of a data breach now exceeding $4 million, traditional Security Information and Event Management (SIEM) systems are no longer enough.

Cribl and CrowdStrike Deepen Partnership with Falcon Next-Gen SIEM integration

Cribl is The Data Engine for Security and IT data, and integrations fuel our mission. Since day one, Cribl has been delivering new Stream integrations to meet customers where they are in their data management journey. No matter where customer data resides or needs to go, we want to be there for every customer. It’s your data, and Cribl was created to help you unlock it.

Drowning in Your SIEM's Archive? Save on Costs and Get Quick Access to Data With Cribl Lake

We hear it often—data volumes are growing at a 28% compound annual growth rate (CAGR) year over year, and organizations struggle to manage it all. With no additional money in their budgets, they can’t afford to store more and more data in their SIEM, which in most cases means being uncompliant or, worse, not having older data readily available in the case of a recently discovered breach. I’ve repeatedly heard that the data they have archived is practically inaccessible.

A Next-Gen Partnership with CrowdStrike's Falcon Next-Gen SIEM

In an increasingly digital world, organizations face complex challenges in managing their security data that’s growing at a relentless pace. With the rapid growth of cyber assets and the ever-present threat of sophisticated attacks, legacy security tools often struggle to keep up.

How to integrate Okta logs with Grafana Loki for enhanced SIEM capabilities

Identity providers (IdPs) such as Okta play a crucial role in enterprise environments by providing seamless authentication and authorization experiences for users accessing organizational resources. These interactions generate a massive volume of event logs, containing valuable information like user details, geographical locations, IP addresses, and more. These logs are essential for security teams, especially in operations, because they’re used to detect and respond to incidents effectively.

Can the EventSentry Agents cause the same outage & disruption like the CrowdStrike Falcon sensor did?

The faulty Rapid Response Content CrowdStrike update that disabled millions of Windows machines across the globe on 7/19/2024 was any IT professional’s nightmare. Having to manually visit and restore each affected machine (further complicated by BitLocker) severely limited the recovery speed, especially for businesses with remote locations, TVs, kiosks, etc.

Understanding Security Log Analytics vs. SIEM for Midsized Companies Targeted by Cybercriminals

SecOps teams at midsize companies face a unique set of challenges when it comes to managing organizational cybersecurity. Midsize companies (those with 100-999 employees and $50 million-$1 billion in annual revenue, according to Gartner) possess significant financial resources and valuable data that may be targeted by digital adversaries.

From Necessity to Opportunity: The Customer Push for SIEM Options

The SIEM market attracts attention for a variety of reasons. First, it is dominated by a number of large players, but there is a range of smaller companies vying for market share. It is also a market generally accessible to new entrants. There’s always a new company pitching a different spin on SIEM, whether it’s a new architectural model in the cloud, faster analytics from running on a third-party data warehouse, or leaning into new, undefined terms like a security data fabric.

5 Security Logging and Monitoring Mistakes to Avoid

As cybersecurity attack vectors evolve, security logging and monitoring are becoming even more important. Effective logging and monitoring enables organizations to detect and investigate security incidents quickly. Cloud-based attackers are getting more sophisticated, and often rely on stolen credentials to escalate privileges and move laterally within corporate IT networks. Many do so undetected, which is why modern IT systems require a watchful eye on log data to detect suspicious activity and inform incident response efforts.