Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Understanding The Cyber Resilience Act (CRA)

The 2020 EU Cybersecurity Strategy, published by the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy, aimed to establish safeguards against security risks arising from increased digital connectivity. As part of the strategy, the strategy included updates to Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2).

Threat Detection and Incident Response with MITRE ATT&CK and Sigma Rules

Being a security analyst tracking down threats can feel like being the Wile E. Coyote to an attacker’s Road Runner. You’re fast, but they’re faster. You set up alerts, but they still manage to get past your defenses. You’re monitoring systems, but they’re still able to hide their criminal activities.

Understanding Broken Function Level Authorization

Application Programming Interfaces (APIs) allow your applications to talk to one another, like an application-to-application iMessage or Signal. If you’ve ever texted a message to the wrong group chat, you’ve created a situation that mimics what broken function level authentication does between users and applications.

Monitoring for PCI DSS 4.0 Compliance

Any company that processes payments knows the pain of an audit under the Payment Card Industry Data Security Standard (PCI DSS). Although the original PCI DSS had gone through various updates, the Payment Card Industry Security Standards Council (PCI SSC) took feedback from the global payments industry to address evolving security needs.

What is the MITRE ATT&CK framework?

As a kid, treasure hunts were fun. Someone gave you clues and a map so you could hunt down whatever hidden item they left for you. However, as a security analyst, your incident investigations often have clues but lack a map. An alert fires. You search through your vast collection of log data. You hope to find the next clue while trying to figure out the attacker’s next steps.

From the Desk Of the VP of Product - Delivering on the Promises of SIEM

I’m thrilled to share some incredibly exciting news – Graylog’s v6.0 is officially here! It’s been quite the journey getting to this point, filled with late nights, endless cups of coffee, and an unwavering commitment from our amazing team. As we unveil this latest version, I can’t help but reflect on how far SIEM technology has come over the past two decades. Gone are the days when Intellitactics and NetForensics reigned supreme.

Three Ways To Remove Complexity in TDIR

Gartner identified security technology convergence as one of the key trends both in 2022 and 2023 as a necessity to remove complexity in the industry. Especially for Threat Detection and Incident Response (TDIR), simplification continues to resonate with cyber teams overwhelmed by too many tools and the continuous cutting and pasting from one tool to another.

The Ultimate Guide to Sigma Rules

In cybersecurity as in sports, teamwork makes the dream work. In a world where security analysts can feel constantly bombarded by threat actors, banding together to share information and strategies is increasingly important. Over the last few years, security operations center (SOC) analysts started sharing open source Sigma rules to create and share detections that help them level the playing field.

Meeting Compliance Regulations with SIEM and Logging

SIEM and log management provide security to your organization; these tools allow your security analysts to track events such as potential and successful breaches of your system and react accordingly. Usually, it doesn’t matter how you ensure your organizational safety as long as you do. However, is your organization in the health, financial, or educational industry?