CrowdStrike just dropped $290M on a company most of us haven't heard of: Onum. This big-ticket acquisition is a statement about where the industry is headed. The real value here is real-time data pipelines. We're moving from just collecting telemetry to proactively filtering and enriching it so AI models can work faster and more efficiently. It's a foundational shift.
TL;DR
$290M acquisition of Onum
Focus is on AI-powered data pipelines
Accelerates threat detection at scale
Less friction for AI/SOC teams
https://www.csoonline.com/article/4057472/crowdstrike-bets-big-on-agentic-ai-with-new-offerings-after-290m-onum-buy.html
#Cybersecurity #AI #CrowdStrike #ThreatDetection #security #privacy #cloud #infosec

Why Your Security Team Needs Geographic Threat Intelligence Visualization
Traditional security dashboards show you WHAT happened, but not WHERE it's happening or HOW threats are connected geographically. Your SOC analysts are drowning in isolated alerts while missing the bigger picture - attack campaigns that span multiple IPs and locations. This geographic blind spot is costing companies millions in delayed detection and response times.
Five Reasons to Use Geographic Threat Intelligence:
Faster Incident Response - See attack patterns immediately, not after hours of analysis
Better Resource Allocation - Focus security resources on high-risk geographic areas
Enhanced Threat Hunting - Spot attack campaigns across multiple IPs and locations
Improved Prioritization - Group related threats by geography and risk level
Better Communication - Show executives the threat landscape visually
Don't let your security team fight blind. Give them the geographic intelligence they need to win the battle against cyber threats.
#Cybersecurity #ThreatIntelligence #SOC #IncidentResponse #SecurityOperations #CyberDefense #ThreatHunting #SecurityAnalytics #InfoSec #CyberThreats #SecurityTools #DataVisualization #SecurityInnovation #CyberAwareness #SecurityLeadership #RiskManagement #SecurityMonitoring #ThreatDetection #CyberResilience #SecurityStrategy

https://chickenpwny.github.io/AzureOrder365/

Innovator Spotlight: Darwinium – Source: www.cyberdefensemagazine.com https://ciso2ciso.com/innovator-spotlight-darwinium-source-www-cyberdefensemagazine-com/ #rssfeedpostgeneratorecho #autonomouscybersecurity #cyberdefensemagazine #realtimeintelligence #cyberdefensemagazine #CyberSecurityNews #digitalresilience #perimetersecurity #AInativesecurity #Beagleredteaming #adaptivedefense #fraudprevention #threatdetection #GenerativeAI #riskjourneys #cyberfraud #agenticai #Darwinium #Spotlight #CISOs

As #Ransomware attacks grow in frequency, scale, and sophistication, endpoint security & reactive backups are no longer enough.

Defense has moved beyond traditional antivirus - the new focus is the storage layer:
Immutable backups
AI-powered detection
Isolated vaults

Read the #InfoQ article by Arjun Mullick (Engineering Manager, Meta): https://bit.ly/4623E3x

ScaryByte has tackled an important and growing challenge—digital academic fraud. Their integrated #security platform combining #Graylog Security, AWS, and Obala AI now unifies observability, streamlines detection, and accelerates response time for critical institutions.

ScaryByte delivers outcomes that matter, including:
Real-time threat detection
Faster forensics and compliance
Expert-led deployments, scalable on AWS

Learn more about how ScaryByte is helping institutions restore trust in online learning. See the full case study.

https://graylog.org/resources/customer-story-scarybyte/
#cybersecurity #threatdetection #incidentresponse #TDIR

It's time to tune in for the latest from #GraylogLabs! Today we're taking about the new Caddy Webserver Content Pack. Say what? No, not #Caddyshack! Caddy Webserver!

This new content pack is going to help you quickly turn raw logs into structured, searchable insights. It's available in Illuminate 6.4 and a Graylog Enterprise or Graylog #Security license, and delivers ready-to-use parsing rules, streams, and dashboards.

Read up on:
What this pack does
Getting logs into #Graylog
Why you should log Caddy Webserver logs
How this helps you quickly detect anomalies, identify suspicious requests, and feed relevant data directly into your #TDIR workflows

https://graylog.org/post/caddy-webserver-data-in-graylog/ #cybersecurity #threatdetection #incidentresponse #SIEM

Reason #532 for why you should register NOW(!) for #GraylogGO... Seth Goldhammer will be delivering the highly anticipated annual roadmap keynote, "The Road Ahead: Graylog’s Vision for Innovation and #Security".

Where is #Graylog headed next?
What are the upcoming strategies, innovations, and enhancements that will help you stay ahead in today’s rapidly evolving threat landscape?
What are the Graylog usability improvements that will empower your teams?
How does Graylog build “#SIEM without compromise?”

Find out! On Sept. 17th at 9AM ET—but only if you REGISTER (it's ) — https://graylog.info/41iu8fv

Whether your an enterprise customer or an open source user, you’ll leave this session inspired and ready to take full advantage of what’s next.

Okta just flipped the script on cybersecurity by open-sourcing its Auth0 Rules Catalog. Imagine a community-powered playbook that spots threats before they strike—ready to change the game? Check out how this could redefine defense.

https://thedefendopsdiaries.com/oktas-open-source-initiative-empowering-cybersecurity-with-the-auth0-rules-catalog/

#okta
#cybersecurity
#opensource
#threatdetection
#auth0

Let's talk about APTs (advanced persistent threats). An APT can gain access to your company’s systems and networks then hide within, and wait to complete objectives at a later time. Since they can cause long-term damage to sensitive systems and data, understanding what they are and why they matter will enable you to better protect your org.

Read our latest blog to learn about:
The key characteristics of APTs
The 3 stages of an APT attack
The main motives and targets of an APT attack
How to detect an advanced persistent threat
Best practices for mitigating, detecting, and responding to APTs

https://graylog.org/post/advanced-persistent-threat-what-they-are-and-why-they-matter/ #cybersecurity #cyberattack #TDIR #threatdetection #incidentresponse

The top CTEM platforms you should know in 2025 https://www.helpnetsecurity.com/2025/08/14/ctem-platforms-2025/ #vulnerabilitymanagement #threatdetection #cybersecurity #Don'tmiss #framework #Hotstuff #opinion #threat #Ionix #News

Fortinet FortiGate 2025 Firewall Guide

Choosing the right firewall isn’t one-size-fits-all. We’ve compared five Fortinet FortiGate models—30G, 50G, 70G, 100F, and Rugged 70G-5G-DUAL—by performance, features, and best use cases.

From small office POS security to enterprise-scale SD-WAN to ruggedized IoT environments—there’s a FortiGate for every scenario.

Read: https://datacenter360.ca/news/fortinet-firewall-comparison-2025/
#CyberSecurity #Fortinet #Firewalls #InfoSec #NetworkSecurity #ThreatDetection

Why 90% of cyber leaders are feeling the heat https://www.helpnetsecurity.com/2025/08/06/managing-cyber-risk-practices/ #threatdetection #riskmanagement #cybersecurity #monitoring #cyberrisk #BitSight #burnout #report #News

Microsoft’s new AI reverse-engineers malware autonomously, marking a shift in cybersecurity - Microsoft says its new system could eventually detect new types of malware direct... - https://www.geekwire.com/2025/microsofts-new-ai-reverse-engineers-malware-autonomously-marking-a-shift-in-cybersecurity/ #securefutureinitiative #largelanguagemodels #reverseengineering #aimalwareanalysis #microsoftdefender #malwaredetection #threatdetection #cybersecurity #autonomousai #zerodayquest #microsoft

Führungsetagen zu KI in der Cyberabwehr - Heute Unsicherheit, morgen Schlüsselrolle

#Cyberabwehr #Cybersecurity #Cybersicherheit #Deepfake #EMailSicherheit #künstlicheIntelligenz #Phishing @Sophos #ThreatDetection @Sophos_Info

https://netzpalaver.de/2025/07/31/fuehrungsetagen-zu-ki-in-der-cyberabwehr-heute-unsicherheit-morgen-schluesselrolle/

Tired of gaps in your security? These open-source tools can help https://www.helpnetsecurity.com/2025/07/17/open-source-threat-detection-solutions/ #threatdetection #cybersecurity #opensource #News #SIEM

A critical vulnerability in old Telerik software gave an attacker remote code execution on an SFTP-only Windows server. That meant they didn’t need credentials, antivirus didn’t trigger, and default log sizes meant almost nothing useful was captured.

From there? PowerShell exclusions, admin account created, RDP tunnelled in via Ngrok, ransomware deployed.

They even opened Pornhub either to cover traffic or celebrate the moment. Who knows?

This attack wasn’t subtle. But it worked because basic controls were missing.

We’ve broken down the incident. Plus, recommendations you can act on now to prevent the same thing.

https://www.pentestpartners.com/security-blog/sil3ncer-deployed-rce-porn-diversion-and-ransomware-on-an-sftp-only-server/

Rethinking API Security: Confronting the Rise of Business Logic Attacks (BLAs) – Source: securityboulevard.com https://ciso2ciso.com/rethinking-api-security-confronting-the-rise-of-business-logic-attacks-blas-source-securityboulevard-com/ #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #BusinessLogicAttack #CyberSecurityNews #SecurityBoulevard #threatdetection #SocialFacebook #SocialLinkedIn #Cybersecurity #APIsecurity #SocialX #traffic #BLAs

Knowing the most common indicators of compromise (IoCs) can improve your key threat detection and response (TDIR) metrics. And, if you are keeping an eye out for common IOCs, then you're able to take a more proactive approach to #security. So, let's dig in and learn all about IOCs!

IoCs fall into the following categories:
Network-based
Host-based
Email-based
Behavioral
Third-party

In this blog we outline 17 common indicators of compromise, including:
Network traffic anomalies
Unusual sign-in attempts
Geographical anomalies
Privilege account irregularities
Changes to systems configurations
Unexpected software installations or updates
Numerous requests for the same file
Unusual Domain Name Systems (DNS) requests
Swells in database read volume
HTML response sizes
Mismatched port-application traffic
Suspicious registry or system file changes
Influx of spam emails
Moved or aggregated data
Non-human website traffic
Changes to mobile devices
System outages or reduced performance

Read on and learn about the details for each of these 17 common IoCs—so that you can be ready to search your environment for clues that will help you confirm security incidents and/or data breaches.

https://graylog.org/post/17-common-indicators-of-compromise/ #threatdetection #incidentresponse #cybersecurity #GraylogLabs

KI-Agenten gegen Hacker

#AgenticAI #AITeammate #Anwendungssicherheit #ApplicationSecurity #AppSec #Cybersecurity @Cycode #KIAgent #SoftwareDevelopment #SupplyChain #ThreatDetection

https://netzpalaver.de/2025/07/08/ki-agenten-gegen-hacker/

Industrial security is on shaky ground and leaders need to pay attention https://www.helpnetsecurity.com/2025/07/03/ot-iot-threat-detection-confidence/ #threatdetection #cybersecurity #Forescout #report #News #IoT