Latest publications 27 May 2025 Implementing SIEM and SOAR platforms: Executive guidance This publication is one of three in a suite of guidance on SIEM and SOAR platforms. It is primarily intended for executives but can be used by any organisation that is considering whether and how to implement a SIEM and/or SOAR. 27 May 2025 Implementing SIEM and SOAR platforms: Practitioner guidance This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. 27 May 2025 Priority logs for SIEM ingestion: Practitioner guidance This document is again intended for cyber security practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices. All publications Title AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 27 May 2025 Implementing SIEM and SOAR platforms: Practitioner guidance This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. 27 May 2025 Implementing SIEM and SOAR platforms: Executive guidance This publication is one of three in a suite of guidance on SIEM and SOAR platforms. It is primarily intended for executives but can be used by any organisation that is considering whether and how to implement a SIEM and/or SOAR. 27 May 2025 Priority logs for SIEM ingestion: Practitioner guidance This document is again intended for cyber security practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices. 23 May 2025 AI Data Security This publication provides essential data security guidance for organisations that develop and/or use AI systems, including businesses, government and critical infrastructure. It highlights the importance of data security in ensuring the accuracy and integrity of AI outcomes, and presents an in-depth examination of 3 areas of data security risks in AI systems: data supply chain, maliciously modified (poisoned) data, and data drift. 21 May 2025 Convoluted layers: An artificial intelligence primer Rapid advances in artificial intelligence (AI), along with public releases of AI products, have prompted governments, businesses and criminals to accelerate efforts to incorporate this new technology into their operations. This advice provides definitions for some of the most commonly encountered AI terms in cybersecurity and a brief typology of cyber threats that will arise from AI. 19 May 2025 Geo-blocking in context: Realities, risks and recommendations This guidance is intended for decision makers and cybersecurity practitioners. It highlights what to be aware of when identifying the source of a threat and the potential implications of geo-blocking in a broader cybersecurity strategy. Pagination Page 1 Next page ›› Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary