Monthly Archive

What is the OWASP Top 10 for LLM Application Security

Apr 10, 2026 By Jeff Darrington In Graylog

Initially published by the Open Worldwide Application Security Project (OWASP) in 2023, the Top 10 for LLM Application Security list seeks to bridge the gap between traditional application security and the unique threats related to large language models (LLMs). Even where the vulnerabilities listed have the same names, the Top 10 for LLM Application Security focuses on how threat actors can exploit LLMs in new ways and potential remediation strategies that developers can implement.

Read Post

Graylog

Read more about What is the OWASP Top 10 for LLM Application Security

The Golden Throne: Stop Blindly Flushing

Apr 9, 2026 By Graylog In Graylog

Most folks build their SIEM the same way they load a junk drawer: by shoving in whatever they already have—Active Directory, firewalls, and a whole lot of “eh, why not.” But at Graylog, we think you deserve better than a glorified log toilet. In this talk, we’ll flip the script: start with the problems you’re actually trying to solve, then figure out what you need to know, then what data supports that. And with Graylog’s Intelligent Data Routing, you can now act on that plan—sending high-value data to hot storage and archiving the rest to standby storage for when (and if) it’s needed. Build your SIEM like it has a brain—and a budget.

View Video

Graylog

Read more about The Golden Throne: Stop Blindly Flushing

Understanding the European Cybersecurity Certification Framework

Apr 6, 2026 By Jeff Darrington In Graylog

The European Union (EU) cybersecurity regulatory landscape is reminiscent of a medieval tapestry full of interwoven threads that complement one another to create the larger picture. Regulation (EU) 2019/881 created the foundation for information and communications technology (ICT) cybersecurity certification.

Read Post

Graylog

Read more about Understanding the European Cybersecurity Certification Framework

The Island of Misfit Logs: Logging the Weird Stuff

Apr 6, 2026 By Graylog In Graylog

Follow Joel Duffield while he talks about why some systems just don’t want to be logged. Whether it’s your backup tool that only sends email alerts, your budget IoT device that wasn’t built for enterprises, or that one SaaS app stuck on the free tier—there’s no clean way to get their messages into your SIEM.