User interface design


View All News

SIEM Get Started

Bring yourself up to speed with our introductory content

View All Get Started

Evaluate SIEM Vendors & Products

Weigh the pros and cons of technologies, products and projects you are considering.

View All Evaluate

Manage SIEM

Learn to apply best practices and optimize your operations.

  • MSSPs add advanced threats as managed security services gain hold

    Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading

  • Meet security goals by avoiding threat intel and analytics mistakes

    Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics. Continue Reading

  • Cloud governance model still behind services

    A lot of the cloud adoption in organizations has happened in an organic fashion with little to no IT involvement and even less policy oversight. In most cases, the security, policy and cloud governance model you implement will be somewhat retroactive in nature, says Chris Pogue, CISO at Nuix.

    Among the challenges in these environments is a lack of standards for evaluating a vendor's risk management and cloud governance model. This month, Information Security magazine looks at steps to help security professionals gain more insight when employees are migrating critical applications and data to the cloud.

    Evaluating the security postures of cloud providers, vendors and business partners is a constant dance with the details. Security professionals need specific information that they may not get. We look at enterprise security ratings services akin to what Equifax, Experian and TransUnion do in the financial sector to provide credit ratings for individual consumers. Although the security ratings services are just starting to emerge, these reporting tools may offer another view into the security postures of third parties, and in the board room.

    Farsight Security CEO Paul Vixie joins us to discuss the latest research on threats to domain name systems. As talk of digital transformation continues, internet security and cloud governance models will remain top of mind for executives. "Now, IT is the big risk, and we are not looking at the old risks anymore now that the internet has connected everybody to everybody," Vixie says.

     Continue Reading

View All Manage

Problem Solve SIEM Issues

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

  • Building a threat intelligence program? How to avoid the 'feed' frenzy

    Cyberthreat intelligence is just data if it is not actionable. We offer tips to help your team focus on relevant CTI for faster threat detection and response. Continue Reading

  • Insider Edition: Improved threat detection and incident response

    The security incident response process isn't getting any easier, not in an age characterized by mobile workers, cloud computing and faster networks. So much can go wrong: Attacks can come from any source and use every method imaginable -- and some not yet identified. The trick is to get a grasp on what's most likely to breach your system, ensure that you're alerted when it does and know what you're going to do about it when it happens. To achieve this, you need to have a security incident response plan in place. As part of this plan, set up good policies and coordinated responses, making sure your IR tools are the most capable possible, including those that can automate aspects of the security incident response process.

    This Insider Edition of Information Security magazine focuses on how to minimize cyber-risk through threat detection and incident response. Security pros will find the latest information on options for IR tools and other ideas on making your incident response process as effective as it can be.

     Continue Reading

  • DevOps and security promises better apps, infrastructures

    DevOps is a process aimed at creating and updating applications quickly and, traditionally, it has lacked effective security controls. The software that was created too often contained vulnerabilities right from the start. Combining DevOps and security, or what is called DevSecOps, promises to solve this problem, reducing the time and effort required to fix security issues that could have been avoided altogether. An added bonus: DevSecOps promises to overturn longstanding views among some developers that security is an obstacle, not an aid, to good software development.

    Beyond embedding security controls in the software development process, DevSecOps also involves using configuration management tools, monitoring logs and events, and performing vulnerability assessments. The end result is more secure applications and infrastructures.

    This e-publication offers an in-depth look at what is involved in combining DevOps and security. Readers will come away with a deeper understanding of the promises DevSecOps offers and how it works.

     Continue Reading

View All Problem Solve