SIEM

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)

CISA, Don't miss, enterprise, Hot stuff, monitoring, News, Resecurity, SIEM, Splunk, vulnerability /

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253) 2026-06-19 at 13:50 By Zeljka Zorz CISA has added CVE-2026-20253, a critical, remotely exploitable vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog, and ordered US federal civilian agencies to apply mitigations by June 21, 2026. In-the-wild exploitation has also been confirmed by the vendor […]

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253) Read More »

Security teams are carrying more tools with less confidence

cybersecurity, News, report, security operations, SIEM, Sumo Logic, survey /

Security teams are carrying more tools with less confidence 2026-01-30 at 07:31 By Anamarija Pogorelec Enterprise environments now span multiple clouds, on-premises systems, and a steady flow of new applications. Hybrid and multi-cloud setups are common across large organizations, and they bring a constant stream of logs, alerts, and operational data. That environment already exists

Security teams are carrying more tools with less confidence Read More »

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)

Don't miss, Fortinet, Horizon3.ai, Hot stuff, News, PoC, SIEM, Tenable, vulnerability /

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) 2026-01-15 at 15:27 By Zeljka Zorz A critical vulnerability (CVE-2025-64155) in Fortinet’s FortiSIEM security platform has now been accompanied by publicly released proof-of-concept (PoC) exploit code, raising the urgency for organizations to patch immediately. About CVE-2025-64155 CVE-2025-64155 may allow unauthenticated, remote attackers to execute unauthorized code or

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) Read More »

4 ways to use time to level up your security monitoring

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, InfluxData, monitoring, News, opinion, SaaS, security telemetry, SIEM /

4 ways to use time to level up your security monitoring 2025-10-03 at 09:09 By Help Net Security SIEMs excel at correlating events and firing alerts, but their ingest pipelines can get overwhelmed when scaled. And because most SIEMs rely on general-purpose log storage platforms, even with lower-cost archive tiers, long-term retention at full fidelity

4 ways to use time to level up your security monitoring Read More »

Security Analytics Firm Vega Emerges From Stealth With $65M in Funding 

Cybersecurity Funding, funding, SIEM, SOC, Vega /

Security Analytics Firm Vega Emerges From Stealth With $65M in Funding  2025-09-16 at 18:02 By Eduard Kovacs Vega provides security analytics and operations solutions designed to help organizations detect and respond to threats. The post Security Analytics Firm Vega Emerges From Stealth With $65M in Funding  appeared first on SecurityWeek. This article is an excerpt

Security Analytics Firm Vega Emerges From Stealth With $65M in Funding  Read More »

SentinelOne to Acquire Observo AI in $225 Million Deal

Acquisition, M&A, M&A Tracker, SentinelOne, SIEM /

SentinelOne to Acquire Observo AI in $225 Million Deal 2025-09-09 at 11:15 By Eduard Kovacs SentinelOne is buying Observo AI for a combination of cash and stock to boost its SIEM and data offerings. The post SentinelOne to Acquire Observo AI in $225 Million Deal appeared first on SecurityWeek. This article is an excerpt from

SentinelOne to Acquire Observo AI in $225 Million Deal Read More »

CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry

Acquisition, CrowdStrike, Funding/M&A, Network Security, Onum, SIEM /

CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry 2025-08-28 at 15:09 By SecurityWeek News CrowdStrike says the acquisition will bring valuable technology to enhance its Falcon Next-Gen SIEM. The post CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry appeared first on SecurityWeek. This article is an excerpt

CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry Read More »

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)

Don't miss, exploit, Fortinet, Hot stuff, News, security update, SIEM /

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256) 2025-08-13 at 12:43 By Zeljka Zorz Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild. About CVE-2025-25256 FortiSIEM is a security information and event management platform used by organizations to collect, correlate

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256) Read More »

Tired of gaps in your security? These open-source tools can help

cybersecurity, News, open source, SIEM, threat detection /

Tired of gaps in your security? These open-source tools can help 2025-07-17 at 07:42 By Anamarija Pogorelec When it comes to spotting threats, security teams need tools that can pull data from all over and make it easier to analyze. In this article, we’ll take a look at some popular open-source tools that help with

Tired of gaps in your security? These open-source tools can help Read More »

Securonix Acquires Threat Intelligence Firm ThreatQuotient

Artificial Intelligence, Funding/M&A, Securonix, SIEM, SOAR, Threat Intelligence, ThreatQuotient /

Securonix Acquires Threat Intelligence Firm ThreatQuotient 2025-06-11 at 18:37 By SecurityWeek News Cybersecurity heavyweight Securonix acquires ThreatQuotient to boost plans to build an all-in-one security operations stack. The post Securonix Acquires Threat Intelligence Firm ThreatQuotient appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Securonix Acquires Threat Intelligence Firm ThreatQuotient Read More »

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)

Akamai, botnet, Don't miss, Hot stuff, News, PoC, SIEM, vulnerability, Wazuh, XDR /

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) 2025-06-10 at 13:31 By Zeljka Zorz Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a popular open-source security information and event management (SIEM) and extended detection and response

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) Read More »

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques

CardinalOps, cybersecurity, framework, MITRE, MITRE ATT&CK, News, report, SIEM, SOC, survey, threat detection /

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques 2025-06-09 at 07:32 By Help Net Security Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) detection coverage and quality, but plenty of room for improvement remains, according to CardinalOps. MITRE ATT&CK enhances SOC

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques Read More »

Spring clean your security data: The case for cybersecurity data hygiene

Auguria, cyber hygiene, cybersecurity, data management, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, SIEM, SOC, strategy /

Spring clean your security data: The case for cybersecurity data hygiene 2025-03-25 at 08:41 By Help Net Security Spring cleaning isn’t just for your closets; security teams should take the same approach to their security operations data, where years of unchecked log growth have created a bloated, inefficient and costly mess. The modern Security Operations

Spring clean your security data: The case for cybersecurity data hygiene Read More »

MISP: Open-source threat intelligence and sharing platform

Don't miss, GitHub, Hot stuff, malware analysis, News, open source, SIEM, software, Threat Intelligence /

MISP: Open-source threat intelligence and sharing platform 2024-08-05 at 07:01 By Help Net Security MISP is an open-source threat intelligence and sharing platform for collecting, storing, distributing, and sharing cybersecurity indicators and threats related to incident and malware analysis. MISP is designed by and for cybersecurity, ICT professionals, and malware reversers to support their daily

MISP: Open-source threat intelligence and sharing platform Read More »

Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam 

cloud security, Exabeam, Funding/M&A, Incident Response, LogRhythm, SIEM, Thoma Bravo /

Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam  2024-05-15 at 21:16 By Ryan Naraine Financial terms were not released but the price tag is expected to be hefty with Exabeam’s most recent valuation pegged at $2.5 billion. The post Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam  appeared first on SecurityWeek. This article is an

Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam  Read More »

5 ways to keep API integrations secure

API security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Merge, News, opinion, SIEM, software, update /

5 ways to keep API integrations secure 2024-03-06 at 08:20 By Help Net Security API integrations often handle sensitive data, such as employees’ personally identifiable information (PII), companies’ financial information, or even clients’ payment card data. Keeping this data safe from attackers—while ensuring that the integrations perform at the desired level—requires adopting several security measures.

5 ways to keep API integrations secure Read More »

Three security data predictions for 2024

Comcast, Compliance, cybersecurity, data security, Don't miss, Expert analysis, Expert corner, GRC, Hot stuff, News, opinion, PCI DSS, regulation, SIEM /

Three security data predictions for 2024 06/12/2023 at 08:32 By Help Net Security How do companies protect their digital environments in a world where everything is growing more complex, quickly – data, customer expectations, cyber threats and more? It’s difficult: Adversaries are adopting and using AI and even generative AI-based technologies against enterprises. Nation-state cyber

Three security data predictions for 2024 Read More »

SIEM and Log Management Provider Graylog Raises $39 Million

Cybersecurity Funding, funding, SIEM /

SIEM and Log Management Provider Graylog Raises $39 Million 01/11/2023 at 14:16 By Ionut Arghire Graylog secured $39 million in funding to accelerate product development and scale its go-to-market operations. The post SIEM and Log Management Provider Graylog Raises $39 Million appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

SIEM and Log Management Provider Graylog Raises $39 Million Read More »

How security observability can help you fight cyber attacks

attacks, Compliance, cybersecurity, data breach, Don't miss, Hot stuff, Observe, security operations, SIEM, SOC, Video /

How security observability can help you fight cyber attacks 31/10/2023 at 08:31 By Help Net Security Security observability uses the external outputs of a system, its logs, metrics, and traces to infer risk, monitor threats, and alert on breaches. Security professionals use this close observation of system behavior to detect, understand, and stop new and

How security observability can help you fight cyber attacks Read More »

Wazuh: Free and open-source XDR and SIEM

Elastic, GitHub, News, open source, SIEM, software, XDR /

Wazuh: Free and open-source XDR and SIEM 24/10/2023 at 07:00 By Help Net Security Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings. Wazuh system comprises an endpoint security agent installed on monitored systems and a management server that processes and

Wazuh: Free and open-source XDR and SIEM Read More »

Scroll to Top