Security Operations & Analytics

Security Analytics: It’s All About the Data

Security data collection, processing, and analysis have exploded over the past five years. In fact, recent ESG research into security

How to Close SIEM Visibility Gaps Created by Legacy Apps

As companies get better at analyzing log data to spot potential security threats, legacy applications create blind spots that can be

Review: LogRhythm Takes SIEM to the Next Level

When they were first created, Security Information and Event Manager (SIEM) platforms solved a big problem in cybersecurity: Too many

Most Important Cyber Incident Response Tools List for Ethical Hackers and Penetration Testers

Cyber Incident Response Tools are more often used by security industries to test the vulnerabilities and provide an emergency incident

OpenC2 can Accelerate Security Operations, Automation, and Orchestration

Over the past few years, ESG has promoted the security operations and analytics platform architecture (SOAPA). Just what is SOAPA?

How Security Operations Centers Are Adapting to the Cloud Era

As more and more critical business functions depart the on-premises environment for the cloud, security operations centers (SOCs) face tough

Review: JASK ASOC Isn’t Just Another Overloaded SIEM

When security information and event management (SIEM) systems were invented, they filled an incredible need in cybersecurity. At the time,

12 Top SIEM Tools Rated and Compared

Security information and event management (SIEM) is a blue-collar tool for network security professionals. There’s nothing remotely glamorous about auditing,

Splunk Addressed Several Vulnerabilities in Enterprise and Light Products

Splunk recently addressed several vulnerabilities in Enterprise and Light products, some of which have been rated “high severity.” Splunk Enterprise

Zeek: A Free, Powerful Way to Monitor Networks, Detect Threats

It’s common in many organizations for network and security operations to exist in silos. This may have been OK a

Gartner Names Demisto ‘Cool Vendor’ in Security Ops & Vulnerability Management

According to Gartner, “Future security operations, incident response and threat intelligence teams will use more automation and more consistent processes,

The Evolution of Security Operations, Automation and Orchestration

The market for security operations, automation and orchestration products is rapidly maturing. The most recent proof point of this maturation

SC Magazine Names Aruba IntroSpect UEBA as Industry’s Finest for Detecting Advanced Cyberattacks

Aruba, a Hewlett Packard Enterprise company (NYSE: HPE), announced that SC Magazine named Aruba IntroSpect as this year’s best product

Enterprise Plans for Security Automation and Orchestration

With the global cybersecurity skills shortage hanging over them, CISOs are turning to security automation and orchestration technologies to improve

Getting The Most Out of Your SIEM Investment

Over the last 10-15 years, many organizations built Security Operations Centers (SOCs) on the backbone of security information and event

The Emergence of Virtual Reality and Augmented Reality in the Security Operations Center

Organizations are increasingly clustering their skills and capabilities into security operations centers (SOCs). An SOC is a focused facility where