SIEM can play a key role in aggregating log data for compliance or auditing purposes, but when it comes to identifying threat activity in an IT environment, nothing beats XDR, which excels at using advanced techniques to pinpoint threats in high volumes of data, says Secureworks' Ryan Alban.
Security executives at Black Hat USA 2022 discuss the latest cybersecurity trends from confidential computing and unified threat hunting languages to attack surface management and recovery services, social engineering campaigns and blockchain vulnerabilities.
An open architecture, a single pane of glass and robust endpoint security are vital to fueling Trellix's growth in XDR, says Chief Product Officer Aparna Rayasam. Trellix has given customers a unified view into their security posture for configuration, reporting and forensic purposes.
Combining the back-end data analytics of Google Chronicle with Mandiant's ability to identify signals of abnormal behavior on the front-end is an unbeatable combination, John Watters says. Google agreed in March to purchase threat intelligence and incident response titan Mandiant for $5.4 billion.
President and CEO Hatem Naguib expects Barracuda Networks to pursue more midmarket growth opportunities in both North America and internationally under private equity firm KKR's tutelage. The company will move from Thoma Bravo to KKR's control for a reported $4 billion in a deal announced in April.
In this episode of "Cybersecurity Unplugged," Yonatan Khanashvili describes in detail how Golden Security Assertion Markup Language attacks occur and how SOC platforms with much greater capacity to cross-correlate data than legacy SIEMs can help defenders detect and hunt for them.
The company ePlus has purchased Future Com to strengthen its security operations strategy and support of managed services. The deal will allow ePlus to help customers evolve their security operations teams from correlating and analyzing logs to delivering advanced capabilities like threat hunting.
Swimlane has raised $70 million to expand its clientele beyond the Fortune 2000 and acquire more customers in Europe and Asia-Pacific. The company plans to hire more personnel focused on sales, marketing and partnerships to make the company's low-code security automation platform accessible.
It's all hands on deck when a massive vulnerability such as Log4Shell arises or a vendor announces a newly discovered breach. When headline events happen, security teams must act quickly to determine whether or not their environment has been impacted, then respond appropriately.
Responding to major new cyber events...
Cribl has raised $150 million to drive the development of new features such as hosted versions of the company's technology. The company will build out separate tools for each piece of the observability process rather than forcing customers to purchase a bundle with features they don't care about.
How can teams eliminate analyst grunt work, resolve every security alert every day, and investigate and respond to security incidents faster than ever? A SOAR tool may provide solutions to these problems.