Logging

SIEM, Simplified

Do you need better insight into the overall state of your network security? Take a step back and look through the larger lens of the SIEM solution. Security information and event management (SIEM) is an approach to security management that combines two aspects: Coined in 2005 by Amrit Williams and Mark Nicolett of Gartner, the term SIEM now serves as a synonym for the gathering, analyzing, and presenting network and security information as well as external threat data and vulnerability management.

Cybersecurity Skills for Pros To Have in 2024

So, you’re interested in cybersecurity! That’s great, because the whole world needs more skilled security professionals. Cybersecurity is the massive practice of “protecting computer and network systems against intrusion, theft or damage. It’s the main line of defense against a vast number of digital adversaries.” The consequences of bad cybersecurity is disastrous, potentially resulting in losses in the millions of dollars.

OT Security Is Different, Isn't IT?

In 2010 suddenly everyone was talking about OT security. Stuxnet had arrived. In 2021, The Colonial Pipeline hack increased the attention on the security of operational technology again. Since then, we have encountered numerous incidents, and the risk of breaches within the OT environment has increased significantly. But why is OT security a separate ‘thing’ in security. What is the difference between OT and IT in the cyber security field?

Risk Mitigation for Organizations: The Complete Guide

Running a business involves taking calculated risks — but unexpected events can have devastating consequences. Risk mitigation is a process that helps companies identify potential risks and take proactive measures to mitigate them. In this blog, we'll explore the importance of risk mitigation and how businesses can protect their assets, reputation, and financial stability.

Executive Order (EO) 14110: Safe, Secure & Trustworthy AI

More news about Artificial Intelligence (AI)? We know. It’s hard to avoid the chatter — and that’s for good reason. The rise of AI has many people excited for things to come. But many others are, quite understandably, concerned about the ethical implications of this powerful technology. Fortunately, the Biden Administration is working to address the concerns of the American people by governing the development and use of AI.

Feeding Your First SIEM with Graylog

Before diving into our blog post topic, allow me to introduce myself. My name is Joel and I work with the solution engineering team at Graylog. Our primary task is to work with our customers and prospective clients on how to manage and make the most out of Graylog in their respective IT environments. One of our main tasks is to identify the logs sources they should incorporate and the kind of volumes they should anticipate.

M-21-31 logging compliance: Overcoming the 3 top challenges

How US federal agencies can better meet advanced event logging requirements Recently, the US Government Accountability Office (GAO) released a study tracking US federal agencies’ progress on meeting the requirements set out in OMB M-21-31. Released in 2021, the Office of Management and Budget (OMB)’s M-21-31 memorandum provided guidance and requirements for federal agencies in order to improve centralized visibility into logging data before, during, and after cybersecurity incidents.

SSL/TLS Web Security Certificates & Protocols

Have you ever wondered about the tiny padlock icon in your browser and why it's there? This little padlock icon, along with the "https" in the URL, signifies that your connection to the website you're on is secure and encrypted using SSL/TLS protocols. It's a symbol that represents the security of all types of information transferred to and from your website — not just for ecommerce transactions.

Introducing Our New SOAR Integrations: Why Panorama and FortiManager Users Should Be Excited

Hello there, cybersecurity aficionados! We're thrilled to unveil our latest and greatest Splunk SOAR apps, tailored for the giants of the firewall space: Panorama and FortiManager. These sophisticated apps help us deliver the most compelling automation for our community, no matter the tools they have deployed. Much like our playbooks packs from earlier this year, these integrations are another great way for users to align their incident response approach to MITRE D3FEND.