Architecture, Event and Threat Detection

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Despite widespread cloud adoption, most SecOps teams rely on outdated, on-premises alert tools, leading to missed threats and wasted resources on false positives. Key applications include automated phishing detection, real-time behavior analysis, and intelligent event correlation across channels, enhancing efficiency and impact.

Risk

Risk Threat Detection Technology Phishing

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. This article explores network security architecture components, goals, best practices, frameworks, implementation, and benefits as well as where you can learn more about network security architecture.

Architecture

Architecture Network Security Firewall Risk

Appsec Roundup - August 2024

Adam Shostack

JANUARY 2, 2025

The most important stories around threat modeling, appsec and secure by design for August, 2024. Threat Modeling Brett Crawley released Threat Modeling Gameplay with EoP: A reference manual for spotting threats in software architecture , published by Packt, a full book on the game.

Architecture

Architecture Threat Detection Software Media

'SIEM Sprawl' Makes It Tough for Security Teams to Detect What Matters

SecureWorld News

JUNE 5, 2025

In its 2025 State of SIEM report, CardinalOps delivers a stark message to cybersecurity professionals: despite massive investments in Security Information and Event Management (SIEM) platforms, most organizations are blind to a majority of known MITRE ATT&CK techniques. And the situation isn't improving fast enough.

Engineering

Engineering Authentication CISO Architecture

What is 5G security? Explaining the security benefits and vulnerabilities of 5G architecture

CyberSecurity Insiders

SEPTEMBER 21, 2021

Defining 5G security and architecture. Delving into the technical details of the 5G security architecture is beyond the scope of this article. With edge, it’s processed much closer to the source, enabling the ability for improved threat detection. What risks does 5G introduce? The post What is 5G security?

Architecture

Architecture IoT Mobile Internet

News alert: At RSAC 2025, SecAI unveils platform that fuses agentic AI, contextual threat intelligence

The Last Watchdog

APRIL 29, 2025

Apr 29, 2025, CyberNewswire — SecAI , an AI-enriched threat intelligence company, made its official debut today at RSA Conference 2025 in San Francisco, marking the companys first public appearance on the global cybersecurity stage. Second, its designed from the ground up with an AI-native architecture. San Francisco, Calif.,

Architecture

Architecture Threat Detection Cybersecurity Media

News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance

The Last Watchdog

JANUARY 27, 2025

Media contact: Kathryn Brown, Director of Global Strategic Communications and Events, INE Security, kbrown@ine.com The post News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 demands a structured approach to implementation and preparation. compliance first appeared on The Last Watchdog.

Password Management

Password Management Architecture Threat Detection Cybersecurity

GUEST ESSAY: Deploying ‘XDR’ can help companies avoid the security ‘vendor-silo’ trap

The Last Watchdog

MAY 25, 2022

XDR is one of the latest acronyms to hit the cyber dictionary, and it is a new approach to threat detection and response. With cyberattacks growing year-on-year, organizations simply do not have the manpower or resources to combat threats.

Digital transformation

Digital transformation Threat Detection Architecture Cybersecurity

SHARED INTEL Q&A: Everything the Cisco-Splunk merger tells us about the rise of SIEMs

The Last Watchdog

OCTOBER 17, 2023

Combining a security Information tool with a security event tool made it easier to correlate alerts generated by security products, like firewalls and IDS, normalize it, and then analyze it to identify potential risks. Nayyar: : The transition from SIM to SIEM was born out of necessity. What’s the most important thing to keep in mind?

Marketing

Marketing Cloud Migration Threat Detection Firewall

Five Ways to Configure a SIEM for Accurate Threat Detection

eSecurity Planet

JUNE 6, 2023

A security information and event management (SIEM) system is about as complicated as a security tool can get, pulling in log and threat data from a wide range of sources to look for signs of a cyber attack. Not surprisingly, they can be challenging to manage.

Threat Detection

Threat Detection Engineering Architecture Cyber Attacks

Securing Multicloud Environments with Cisco Secure Firewall Threat Defense on Alkira Cloud

Cisco Security

DECEMBER 14, 2021

These applications/workloads move to, and reside in, multicloud architecture, adding complexity to connectivity, visibility, and control. Cisco Secure Firewall Threat Defense provides unmatched security controls such as stateful firewalling, Snort3 IPS, URL filtering, malware defense, application visibility and control, and more.

Firewall

Firewall Architecture Internet Internet

11 top XDR tools and how to evaluate them

CSO Magazine

JANUARY 9, 2023

The scale of modern enterprise computing and modern application stack architecture requires security tools that can bring visibility into the security posture of modern IT components and integrate tightly to bring real-time threat detection, possibly even automating aspects of threat mitigation.

Architecture

Architecture Threat Detection

Open XDR vs. SIEM

CyberSecurity Insiders

OCTOBER 20, 2021

So, Open XDR is defined the same as Gartner’s XDR definition except that it ends with “all existing security components, delivered via an open architecture”. However, there are major architectural differences that allow Open XDR to deliver on many of the promises of SIEMs where SIEMs have fallen short. That’s because it is.

Architecture

Architecture Big data Technology Threat Detection

Understanding Identity Acronyms: What Are ISPM & ITDR?

Duo's Security Blog

JULY 25, 2024

Given the complexity of policy, even the most advanced teams struggle to deploy, maintain and assess a strong access management policy posture standard that helps mitigate threats while also supporting a productive business. What is ITDR, or Identity Threat Detection & Response? Why is ITDR & ISPM important?

Threat Detection

Threat Detection Risk Architecture Artificial Intelligence

New Advanced AlienApps for Akamai ETP and Akamai EAA help streamline threat management

CyberSecurity Insiders

NOVEMBER 19, 2021

The ETP app is capable of grabbing a range of ETP events—including threat, AUP (Acceptable User Policy), DNS activity, network traffic, and proxy traffic events—and feeding them into the robust USM Anywhere correlation engine for threat detection and enrichment. Voice of the vendor.

Threat Detection

Threat Detection Engineering DNS Architecture

Why It’s Time to Replace Your Legacy SIEM and What to Consider as a Replacement?

IT Security Guru

DECEMBER 16, 2024

Security Information and Event Management systems are vital for businesses’ cybersecurity. They collect and analyze security alerts, protecting against threats. Modern cyber threats outpace legacy SIEM systems. At times, real threats may slip through undetected. So, your team might waste time on irrelevant alerts.

Threat Detection

Threat Detection Cyber threats Artificial Intelligence Mobile

Building a secure and scalable multi-cloud environment with Cisco Secure Firewall Threat Defense on Alkira Cloud

Cisco Security

FEBRUARY 2, 2023

These applications/workloads move to, and reside in multi-cloud architecture, adding complexity to connectivity, visibility, and control. Cisco Secure Firewall Threat Defense Virtual provides unmatched security controls such as stateful firewalling, Snort3 IPS, URL filtering, malware defense, application visibility and control, and more.

Firewall

Firewall Architecture Internet Internet

SolarWinds Security Event Manager – SIEM Product Overview and Insight

eSecurity Planet

FEBRUARY 6, 2023

SolarWinds Security Event Manager (SEM) 2022.4 SolarWinds SIEM Features Rated Threats Blocked: Good. SolarWinds SEM supports a variety of event sources, including nonevent data sources that can be integrated into its analytics and correlation rules. It trades on the NYSE under the symbol SWI. Throughput: Good. Management: Good.

Architecture

Architecture Authentication Software Threat Detection

AI and Cyber Security: Innovations & Challenges

eSecurity Planet

SEPTEMBER 16, 2024

By identifying deviations from normal patterns, AI can detect potential security incidents before they escalate into serious threats. AI’s impact on cybersecurity is transformative, providing significant advantages such as enhanced threat detection and response. What is the Impact of AI in Cybersecurity?

Artificial Intelligence

Artificial Intelligence Threat Detection Phishing Cyber Attacks

Extending Zero Trust Security to Industrial Networks

Cisco Security

JUNE 28, 2021

Once a device has been granted access, it should be added to an industrial zone as defined by the ISA99/IEC-62443 Isolating industrial devices with micro and macro segmentation techniques (in addition to isolating the entire industrial domain with an IDMZ) is the most effective way to ensure threats can be contained.

IoT

IoT Architecture Marketing Threat Detection

Formula 1® Appoints Herjavec Group as Official Cybersecurity Services Provider

Herjavec Group

MARCH 22, 2021

As the Official Cyber Security Services Provider, Herjavec Group will support Formula 1 ® in three critical areas: Securing the F1 ® Event Technical Centre. The F1 ® Event Technical Centre will be transported to 22 countries this year, generating real-time racing analysis, security event logs, and threat intelligence information.

Cybersecurity

Cybersecurity Digital transformation Architecture Threat Detection

Visualize and validate policy, increase remote worker telemetry, and embrace zero trust with Network Analytics Release 7 …

Cisco Security

FEBRUARY 8, 2021

Rather than performing hours of cumbersome tasks such as conducting manual searches and cross-references across different datasets, users can get granular by drilling down into policy violations to view all associated IPs and related flows, associated endpoints, ISE-registered usernames, and events with timestamps on single pane.

Threat Detection

Threat Detection Architecture Engineering Ransomware

It’s a party! Cisco SecureX at RSAC and Cisco Live US 2022

Cisco Security

MAY 11, 2022

And soon, the cybersecurity world finally comes together again at two mega-events this year: RSA Conference and Cisco Live 2022. BRKSEC-3019 – Visibility, Detection and Response with Cisco Secure Network Analytics. BRKMER-2003 – Meraki & Secure Network and Cloud Analytics: Threat Detection for the Rest of Us.

Firewall

Firewall Threat Detection Risk Engineering

10 DevOps Tools for Continuous Monitoring

CyberSecurity Insiders

AUGUST 1, 2021

The platform offers event monitoring, anomaly detection, and advanced event management – along with AI-driven proactive alerting capabilities and probable cause analysis that give DevOps teams a head start when responding to prospective events. Complex architecture and high TCO. Limited data retention period.

Software

Software Technology Mobile Architecture

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Cisco Security

JUNE 1, 2021

The ability to define customized security events based on NVM data-specific criteria. SAL On-premises also supports a fully qualified remote query API that enables the Cisco Secure Firewall Management Console (FMC) to populate its event viewers and dashboards and support its reporting and analysis capabilities.

Data collection

Data collection Firewall VPN Threat Detection

The Case for Multi-Vendor Security Integrations

Cisco Security

AUGUST 26, 2022

The AlienApp for Cisco Secure Endpoint enables you to automate threat detection and response activities between USM Anywhere and Cisco Secure Endpoint. In addition, it allows you to collect hourly events from Cisco Secure Endpoint through the USM Anywhere Job Scheduler. New Secure Malware Analytics (Threat Grid) Integrations.

Firewall

Firewall Authentication Passwords Threat Detection

5 Best Cloud Native Application Protection Platforms in 2023

eSecurity Planet

JUNE 9, 2023

With this pairing, threats can be identified quickly anywhere in the cloud, with 360-degree visibility and connection across workloads, identities, cloud services, and third-party applications. CrowdStrike Falcon Cloud Security dashboard Pricing Price starts at $300 annually per basic Falcon Go bundle. AWS offers additional pricing info.

Threat Detection

Threat Detection Architecture Government Risk

New Study: Reducing Security Incidents and Impact with Endpoint Protection

Cisco Security

MAY 18, 2021

The top five industries reporting a major security incident included the hospitality, architecture/engineering, education, business consulting, and financial services sectors. We also asked respondents reporting major security incidents about the impacts associated with those events. Secondary or indirect impacts are a big deal.

Data breaches

Data breaches Small Business Financial Services Cybersecurity

Top of Mind Security Insights from In-Person Interactions

Cisco Security

JUNE 30, 2022

After two years of virtual engagements, in-person events like our CISO Forum and Cisco Live as well as the industry’s RSA Conference underscore the power of face-to-face interactions. However, advanced telemetry, threat detection and protection, and continuous trusted access all help decelerate the trend.

Digital transformation

Digital transformation Data privacy Identity Theft Data breaches

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Cisco Security

JUNE 1, 2021

The ability to define customized security events based on NVM data-specific criteria. SAL On-premises also supports a fully qualified remote query API that enables the Cisco Secure Firewall Management Console (FMC) to populate its event viewers and dashboards and support its reporting and analysis capabilities.

Data collection

Data collection Firewall VPN Threat Detection

Top 12 Firewall Best Practices to Optimize Network Security

eSecurity Planet

DECEMBER 10, 2023

It also allows for centralized tracking of firewall activity, which simplifies threat detection and response. This method improves control and containment in the event of a breach by isolating affected segments while protecting the rest. In the event of a breach, segmentation improves security by blocking lateral movement.

Firewall

Firewall Network Security Backups Education

What Is EDR in Cyber Security: Overview & Capabilities

eSecurity Planet

SEPTEMBER 24, 2024

Planning the deployment: Create a deployment plan that considers network architecture, security infrastructure, compatibility, and the resources required for successful integration. 10 Key Capabilities of EDR EDR systems improve cyber security through features such as threat hunting, ransomware rollback, and continuous data analysis.

Antivirus

Antivirus Threat Detection Small Business Technology

Replace Your SIEM with Neural Net Technology

Security Boulevard

JUNE 22, 2022

Security Information Event Management (SIEM) systems are an outdated technology. It’s no longer enough to just manage information – today’s organizations need technology that can proactively detect and respond to dynamic threats as well. But over the last five years, the threat landscape has changed quickly.

Technology

Technology Threat Detection Artificial Intelligence Architecture

When It comes to Cybersecurity – An ounce of prevention

CyberSecurity Insiders

JANUARY 18, 2022

Clearly, preventing fires is better than fighting them……” So, to what extent are we able to protect ourselves from Cybersecurity events? With the alphabet soup of acronyms out there such as NIST, ISO, SOC, CISA, DevSecOps, etc…… protecting your business from Cybersecurity threats can be overwhelming.

Cybersecurity

Cybersecurity Backups Social Engineering Architecture

What Is Hybrid Cloud Security? How it Works & Best Practices

eSecurity Planet

OCTOBER 20, 2023

Backup and Disaster Recovery: Data backup and disaster recovery plans assure data availability and business continuity in the event of data loss or service failures. Here are some examples of hybrid cloud security architectures. This enables them to select the most appropriate environment for each workload, application, or data type.

Backups

Backups Firewall Encryption Architecture

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Last Watchdog

JULY 30, 2018

UEBA aims to identify patterns and detect anomalous user behavior to identify potential security issues. Other vendors position themselves in the Security Information and Event Management (SIEM) Category. SIEM vendors collect and analyze information on networks, devices and users to identify security threats. UEBA vs SIEM.

CISO

CISO Cyber Attacks Data collection Cybersecurity

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

SecureWorld News

JULY 8, 2024

A privileged access management (PAM) platform is essential for managing and securing privileged credentials, ensuring least privilege access and preventing lateral movement in the event of a breach." Education, education, education: Stay informed about the latest cybersecurity threats and best practices.

Passwords

Passwords Password Management Education Accountability

Top Microsegmentation Software for 2021

eSecurity Planet

JULY 30, 2021

The basic idea is to segment off parts of the network, especially the most sensitive parts, and wall them off with stricter policies and tie them into a zero-trust architecture. Improved threat detection and response times. Enter microsegmentation as a way to minimize the damage from successful perimeter breaches.

Software

Software Architecture Technology Risk

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

Using the Cisco Secure Endpoint APIs, partner integrations provide analysts with rich threat information and actions on endpoint events; like retrieving endpoint information, hunting indicators on endpoints, searching events, etc. Users can also look up Intrusion Events by CVE reference. Read more here.

Technology

Technology Firewall VPN Authentication

The XDR Solution to the Ransomware Problem

Cisco Security

OCTOBER 14, 2021

They consolidate multiple vendor-specific security products into a cohesive security incident detection and response platform that is accessible to the mainstream market without extensive integration efforts. Insider threat detection: Get alarmed on data hoarding, data exfiltration, and suspicious lateral movements.

Ransomware

Ransomware Encryption Threat Detection Technology

Best 12 SaaS Security Tools to Protect Your Cloud Applications

Centraleyes

MAY 15, 2025

This architecture introduces new risksmisconfigurations, identity misuse, data leaks, and vulnerabilities introduced via third-party integrations. Lacework Behavioral Analytics for SaaS Security Lacework leverages machine learning to detect anomalies, misconfigurations, and threats. Theyre externally hosted.

Risk

Risk Data breaches Threat Detection Accountability

Cisco Talos — Our not-so-secret threat intel advantage

Cisco Security

AUGUST 24, 2022

The Talos team serves as a crucial pillar of our innovation — alerting customers and the public to new threats and mitigation tactics, enabling us to quickly incorporate protection into our products, and stepping in to help organizations with incident response, threat hunting, compromise assessments and more.

Engineering

Engineering Education Information Security Architecture

Understanding AI risks and how to secure using Zero Trust

CyberSecurity Insiders

JUNE 12, 2023

Zero Trust is an effective strategy for dealing with AI threats for the following reasons: Zero Trust architecture: Design granular access controls based on least privilege principles. Utilizing Security Information and Event Management (SIEM) systems can help aggregate and correlate security events.

Risk

Risk Architecture Data privacy Encryption

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Network Security Architecture: Best Practices & Tools

Trending Sources

Appsec Roundup - August 2024

'SIEM Sprawl' Makes It Tough for Security Teams to Detect What Matters

What is 5G security? Explaining the security benefits and vulnerabilities of 5G architecture

News alert: At RSAC 2025, SecAI unveils platform that fuses agentic AI, contextual threat intelligence

News alert: INE Security announces new initiative to help companies accelerate CMMC 2.0 compliance

GUEST ESSAY: Deploying ‘XDR’ can help companies avoid the security ‘vendor-silo’ trap

SHARED INTEL Q&A: Everything the Cisco-Splunk merger tells us about the rise of SIEMs

Five Ways to Configure a SIEM for Accurate Threat Detection

Securing Multicloud Environments with Cisco Secure Firewall Threat Defense on Alkira Cloud

11 top XDR tools and how to evaluate them

Open XDR vs. SIEM

Understanding Identity Acronyms: What Are ISPM & ITDR?

New Advanced AlienApps for Akamai ETP and Akamai EAA help streamline threat management

Why It’s Time to Replace Your Legacy SIEM and What to Consider as a Replacement?

Building a secure and scalable multi-cloud environment with Cisco Secure Firewall Threat Defense on Alkira Cloud

SolarWinds Security Event Manager – SIEM Product Overview and Insight

AI and Cyber Security: Innovations & Challenges

Extending Zero Trust Security to Industrial Networks

Formula 1® Appoints Herjavec Group as Official Cybersecurity Services Provider

Visualize and validate policy, increase remote worker telemetry, and embrace zero trust with Network Analytics Release 7 …

It’s a party! Cisco SecureX at RSAC and Cisco Live US 2022

10 DevOps Tools for Continuous Monitoring

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

The Case for Multi-Vendor Security Integrations

5 Best Cloud Native Application Protection Platforms in 2023

New Study: Reducing Security Incidents and Impact with Endpoint Protection

Top of Mind Security Insights from In-Person Interactions

Introducing continuous remote worker visibility and expanded data collection with Secure Network Analytics Release 7.3.2

Top 12 Firewall Best Practices to Optimize Network Security

What Is EDR in Cyber Security: Overview & Capabilities

Replace Your SIEM with Neural Net Technology

When It comes to Cybersecurity – An ounce of prevention

What Is Hybrid Cloud Security? How it Works & Best Practices

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

Top Microsegmentation Software for 2021

Top SD-WAN Solutions for Enterprise Security

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

The XDR Solution to the Ransomware Problem

Best 12 SaaS Security Tools to Protect Your Cloud Applications

Cisco Talos — Our not-so-secret threat intel advantage

Understanding AI risks and how to secure using Zero Trust

Stay Connected