We are in the midst of an unprecedented convergence of events that are forcing enterprises to dramatically change how they secure their modern businesses. With the acceleration of digital transformation from COVID-19, work-from-home initiatives, the continued growth of SaaS and the increasing adoption of microservices-based applications, the modern enterprise threat landscaping is transforming rapidly.

Watching too many movies might give you the impression that cyber attacks are launched by well-funded masterminds able to control the internet at their whim. But really, successful attacks can be as simple as disguising some malicious software as a link to an often-used site, and tricking people into clicking it, known as phishing. The result is that many cyber attacks are carried out by taking advantage of unsuspecting end users.

Cloud security is the combination of tools and procedures that form a defense against unauthorized data exposure by securing data, applications, and infrastructures across the cloud environment and by maintaining data integrity. To read more about the basic principles of cloud security, check out our previous article on the subject. Cloud security is a constant concern for R&D teams, and more and more methodologies are being introduced to help teams achieve their goals.

At Splunk, we’re proud to employ some of the top security analysts in the industry. On any given day, they’re investigating security incidents, triaging alerts and identifying threats so our systems and data — as well as those of our customers — remain secure. But what, exactly, do Splunk security analysts do? And what are some of their biggest challenges?

We have been busy adding new features to our growing list of abilities. Logz.io Cloud SIEM is no exception. Throughout 2020 we have been enriching our security incident and event management tool, refining threat intelligence, adding new dashboards, and improving the user experience to ensure there’s an eagle’s-eye view of the security challenges that organizations face. Here are a few of those updates that we have recently put to production.

We’re excited to announce that ManageEngine has been recognized as a Customers’ Choice in 2020 Gartner Peer Insights “Voice of the Customer’: Security Information and Event Management (SIEM) for the second time. This is in addition to our recognition in Gartner’s Magic Quadrant for Security Information and Event Management, 2020 for four consecutive times. We are thrilled to be named this recognition yet again. What better way to be recognized than by our customers?

Customers regularly ask me what types of data sources they should be sending to their SIEMs to get the most value out of the solution. The driver for these conversations is often because the customers have been locked into a SIEM product where they have to pay more for consumption. More log data equals more money and, as a result, enterprises have to make a difficult choice around what log sources and data are what they guess is the most important.

Ever since JASK was founded, we have heavily integrated with threat intelligence platforms to gain context into attacker activity through indicators of compromise (IOCs). Now that we have joined Sumo Logic, our customers have the ability to pull in more data than ever making this feature even more powerful. One of our tightest integrations is with the Anomali (formerly ThreatStream) platform.

Security Information Monitoring or Security Event Monitoring is part of Security Information Management. Yes, I acknowledge they are flashy names and that even experts have their differences about concept and scope. Here in Pandora FMS, flexibility is part of our name, so, hereby, I will abbreviate it as Security Monitoring. As you can see, it is short and manageable!