Latest news with #InformationandEventManagement


Techday NZ
2 days ago
- Business
- Techday NZ
Trend Micro unveils Agentic SIEM to automate & streamline security
Trend Micro has launched Agentic SIEM, an artificial intelligence-powered security solution designed to address the longstanding challenges faced by traditional Security Information and Event Management (SIEM) systems.

SIEM challenges

Security Information and Event Management systems are relied upon by organisations to detect and respond to cyber threats. However, users of traditional SIEM solutions regularly cite challenges around high costs, operational complexity, alert overload, and passive data storage. Manual setup and static parsing also reportedly hinder effective management of the increasing variety and volume of contemporary data sources.

The newly-announced Agentic SIEM deploys agentic AI to automate and improve key tasks, acting independently to reduce the number of alerts and streamline the workload of security teams. The platform is designed from the outset to utilise AI-driven capabilities in detecting, learning from, and responding to threats with minimal human intervention.

Integration and scale

Agentic SIEM supports over 900 data sources from launch, with integration options not only for Trend's proprietary XDR security sensors but also for third-party telemetry. This aims to provide a more comprehensive view of the security environment. The solution also offers three-day onboarding for new log types, with an aim to reduce this further to three hours by 2026.

Data retention features include up to seven years of archival storage and two years of analytics retention, supporting both compliance and threat hunting requirements. Agentic SIEM is built to complement Trend's digital twin technology, enabling proactive risk mitigation across sectors such as healthcare, supply chains, predictive maintenance, and smart infrastructure.

Industry perspective

"As the cybersecurity stack increasingly becomes AI driven, the security data layer must evolve to support data-hungry agentic capabilities, including infusing agentic AI into core SIEM functions. Trend Vision One Agentic SIEM enters the SIEM market at a pivotal time, leveraging Agentic AI from the ground up to drive speed, performance, and a new level of risk-driven, contextual insights to rapidly mitigate cyber threat activity."

This observation from Dave Gruber, Principal Cybersecurity Analyst at ESG, reflects current industry expectations for greater automation and intelligence in responding to security challenges.

Workload automation

The system employs agentic AI to map and optimise data flows swiftly, automating tasks that previously took security teams weeks to configure and manage. Trend Micro states that this immediate reduction in manual effort allows security professionals to concentrate on strategic and analytical work instead of routine monitoring and response.

"Agentic SIEM is a major stepping stone to our long-term vision for full, AI-driven SecOps. It's a future in which security teams will have more time to work on strategic tasks, safe in the knowledge that our agentic AI has their backs. With this launch, Trend is once again laying down a marker for cybersecurity innovation and global market leadership."

This was the statement from Mick McCluney, ANZ Field CTO at Trend.

Use cases

According to Trend Micro, Agentic SIEM can facilitate a range of use cases including automated threat detection and response, streamlined compliance support, and enhanced incident investigation. By performing autonomous data analysis, correlating information from multiple sources, and retaining extensive historical data, the system aims to reduce investigation timeframes and improve accuracy.

The combination of Agentic SIEM with digital twin technology is intended to bolster cyber resilience and compliance further. Trend Micro points to prospective benefits in environments where virtual models and real-time data integration can inform risk mitigation, such as in healthcare operations, supply chain security, smart building management and predictive maintenance scenarios.
Yahoo
01-07-2025
- Business
- Yahoo
PANW's Platformization Gains Speed: Can it Multiply the Customer Base?
Palo Alto Networks PANW is gaining strong traction with its platformization strategy, which involves getting customers to adopt multiple PANW products across network, cloud, and security operations. In the third quarter of fiscal 2025, the company added more than 90 new platformized deals. This brings the total to around 1,250 platformizations among its top 5,000 deals aren't small.

A global consulting firm signed a deal worth more than $90 million, using Palo Alto Networks' Cortex platform for Extended Security Intelligence & Automation Management to replace a legacy Security Information and Event Management (SIEM) provider. Another $46 million deal with a leading financial services firm included the displacement of its SIEM vendors, while a $32 million transaction with a United States financial services firm focused on reducing complexity in cloud and network security. These large transactions show that customers are ready to switch from fragmented tools to a more unified platform, and they are willing to spend big to do it.

Moreover, customers who use more than one Palo Alto Networks platform grew by nearly 70% year over year during the third quarter. Management believes platformization is key to reaching its $15 billion Next-Gen Security Annual Recurring Revenue (ARR) target by fiscal 2030, with 60-70% of that total expected to come from platformized customers. With approximately 2% of PANW's more than 70,000 customers fully platformized, the runway remains wide open.

Zscaler ZS and SentinelOne S are also evolving their platforms to meet enterprise security continues to expand its Zero Trust Exchange platform. In the third quarter of fiscal 2025, Zscaler reported ARR of $2.9 billion, up 23% year over year. Zscaler's Zero Trust Everywhere, Data Security Everywhere, and Agentic Operations are becoming its main growth engine. Together, these segments are approaching $1 billion in ARR, growing significantly faster than Zscaler's total ARR comparatively a small competitor, SentinelOne posted year-over-year growth of 24% in its ARR in the first quarter of fiscal 2026. The growth was driven by the rising adoption of SentinelOne's AI-first Singularity platform and Purple AI.

Shares of Palo Alto Networks have gained 12.5% year to date compared with the Security industry's growth of 23.5%.

From a valuation standpoint, Palo Alto Networks trades at a forward price-to-sales ratio of 12.92X, lower than the industry's average of 14.85X.

The Zacks Consensus Estimate for PANW's fiscal 2025 and 2026 earnings implies year-over-year growth of 15.1% and 11.2%, respectively. The estimates for fiscal 2025 and 2026 have been revised upward in the past 60 days and 30 days, respectively.

Palo Alto Networks currently carries a Zacks Rank #3 (Hold).

This article originally published on Zacks Investment Research.
Yahoo
05-06-2025
- Business
- Yahoo
GUARDIENT® Aligns with New CISA and ACSC Guidance on SIEM and SOAR Implementation
VIENNA, Va., June 05, 2025 (GLOBE NEWSWIRE) -- Today, USX Cyber® announced that its flagship Guardient®, a Unified Security Platform, already aligns with the core recommendations released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) on effective Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) implementations.

Last week's joint guidance from the two agencies emphasizes log prioritization, centralized visibility, incident response automation, and modular integration as foundational elements of a successful SIEM/SOAR deployment. These best practices have been embedded in the Guardient platform from day one.

'It's validating to see the public sector reinforcing what we've been delivering to private industry for years,' said Clyde W. Goldbach, Jr., President & CEO of USX Cyber. 'Guardient was designed for visibility, speed, and actionability—core principles echoed in the CISA and ACSC release. We're proud to help businesses of all sizes achieve compliance with these evolving expectations.'

Guardient XDR combines real-time threat detection, automated response, and compliance-driven workflows in a single, lightweight platform. The solution is built for MSPs, compliance teams, and security teams seeking faster time to value, ease of use, and affordability without the bloat of traditional SIEMs or fragmented point solutions.

Guardient's key capabilities aligned with the new guidance include:
- Cloud-Native Ingestion & Priority Log Filtering
- Built-In SOAR for Instant Action & Ticket Enrichment
- Modular Agent-Based Deployment for Mac, Linux, and Windows
- Compliance-Centric Use Cases Across CMMC, HIPAA, and SOC 2
- Integration with IoT, Firewall, Cloud, and Network Infrastructure Logs

The newly released CISA/ACSC guidance is aimed at raising the security baseline for organizations across critical sectors. Guardient provides an accessible, battle-tested path to achieve that baseline

USX Cyber®

USX Cyber® offers a unified cybersecurity solution that balances technical defense with audit-readiness. Its flagship platform, Guardient®, equips IT teams and service providers with an integrated suite that combines SIEM, SOAR, XDR, threat intelligence, and compliance automation in a single, easy-to-deploy

Contact:
Megan Donovan
External Communications Director
USX Cyber, LLC
megan@ 732-245-3399


Techday NZ
23-04-2025
- Business
- Techday NZ
Rapid7 unveils platform to help SOC teams cut through alert noise
Rapid7 has launched Intelligence Hub, a platform intended to equip security teams with actionable intelligence and contextual insights for improved threat detection and response.

The introduction of Intelligence Hub comes amid increasing challenges faced by security teams, with a recent survey indicating that two-thirds of Security Operations Centre (SOC) analysts have experienced a significant rise in the number of security alerts over the past three years. Additionally, 70% of respondents reported a substantial increase in the number of security tools they are required to use.

Intelligence Hub seeks to address industry issues such as fragmented intelligence platforms, lack of contextual information, and difficulties in prioritising security threats. The platform curates data from multiple sources, including Rapid7's proprietary honeypot network and research, as well as open-source communities. According to the company, a particular focus is placed on verifying low-prevalence, high-impact indicators to reduce the occurrence of false positives.

This curated intelligence is available directly in the Rapid7 Command Platform, which enables analysts to incorporate relevant threat information within their existing workflows. The system aims to help teams prioritise the most significant threats and accelerate remediation activities.

Raj Samani, Chief Scientist at Rapid7, commented: "Security organisations are drowning in noise, making timely responses to threats nearly impossible. Intelligence Hub addresses this challenge by focusing on curated intelligence, providing only the most relevant and verified indicators to enable rapid and effective action."

Intelligence Hub offers features designed to help security teams contextualise threats based on the specific industry sector, geographical location, exposure to vulnerabilities, and the tactics and techniques used by threat actors. The methodology for attributing threats is clearly defined to support targeted mitigation strategies and improved resource allocation.

The platform is structured to integrate with existing security tools, including Rapid7's next-generation Security Information and Event Management (SIEM) solution, InsightIDR. By delivering intelligence within established tools, Rapid7 aims to reduce the need for analysts to switch contexts during investigations, potentially leading to faster and more accurate responses.

The company states that Intelligence Hub prioritises the most relevant threats by analysing active attacker campaigns, sector-specific targeting, and exploitability. The intelligence is curated by Rapid7 Labs researchers, combining honeypot data, open-source information, and internal research. The intention is to present security teams with high-fidelity alerts that are most likely to be actionable.

Monika Soltysik, Senior Research Manager at IDC, highlighted some of the broader challenges in the threat intelligence market: "In IDC's October 2024 survey of U.S. organisations, the top three challenges with threat intelligence solutions were cost (42.2%), false positives and alert fatigue (40.0%), and data quality and reliability (39.7%). Solution providers that are proactively addressing these challenges, like Rapid7, are making it easier for their customers to understand and secure their attack surface."

Rapid7 positions Intelligence Hub as a proactive tool for helping organisations cut through data overload, reduce noise, and ensure that resources are allocated to managing verifiable and relevant security threats.