|
By Jeff Darrington
A structured approach to incident response enables you to create consistently repeatable processes. Your incident response playbook defines responsibilities and guides your security team through a list of activities to reduce uncertainty if or when an incident occurs. MITRE ATT&CK Framework outlines the tactics and techniques that threat actors use during different stages of an attack.
|
By Jeff Darrington
In today’s cyber threat landscape, almost everyone is one bad day away from a security incident. While not every incident becomes a data breach, security teams need to be prepared for anything. Just like that one friend who has a spreadsheet to help them organize the minute tasks associated with a project, security teams need to have a prepared list of steps to take during an incident.
|
By Jeff Darrington
An Internet Protocol (IP) address is the digital equivalent of your home address. Your home has a unique identification number that gives information about your physical geographic location, like road, city, state, and country. An IP address provides similar information about the people and devices connected to a network.
|
By Jeff Darrington
Back in the early days of the internet, people looked forward to hearing that deep, robotic voice announcing “you’ve got mail!” Today, whether you like it or not, email is fundamental to personal and business communications. In 2022, people sent and received an estimated 333 billion emails daily, with the number expected to increase to 392.5 billion by 2026. Experiencing a security incident on your email server can interrupt business operations leading to lost revenue.
|
By Graylog Security
Managing vulnerabilities can feel like the end of the first act of Les Misérables as you sing to yourself, “one day more, another day another vulnerability.” Like Jean Valjean, you attempt to put up barricades to protect your environment from attackers exploiting these security weaknesses. Keeping pace with the number of vulnerabilities and threat actor activities becomes overwhelming, leaving you to feel outnumbered and outmanned.
|
By The Graylog Team
Imagine that you have a snack you want to eat while watching a movie on a Friday night. You look in your kitchen, only to find the snack missing. Whether a roommate hid the snack or ate it, you no longer have access to it, disrupting your evening plans. This destructive behavior interrupts your weekend objectives, but it’s pretty low stakes overall.
|
By Ethan C. Keaton
Responding rapidly to cyber threats is a make-or-break capability in today’s high-stakes security environment. A missed alert can quickly escalate a minor incident into a major crisis, jeopardizing your organization’s critical assets and hard-earned reputation. A recent IBM study revealed that companies took an average of 237 days to identify a data breach in 2021 — an inexcusable delay that could invite catastrophic consequences. (Source: IBM Cost of a Data Breach Report 2022)
|
By Jeff Darrington
Security incidents and data breaches are the cybersecurity version of the definition of squares and rectangles in geometry. While all data breaches are security incidents, not all security incidents are data breaches. Before investigating an incident, many security teams know whether the alert will relate to a minor incident or a large-scale breach.
|
By Jeff Darrington
For Star Trek fans, space may be the final frontier, but in security, discovering Application Programming Interfaces (APIs) could be the technology equivalent. In the iconic episode “The Trouble with Tribbles,” the legendary starship Enterprise discovers a space station that becomes overwhelmed by little fluffy, purring, rapidly reproducing creatures called “tribbles.” In a modern IT department, APIs can be viewed as the digital tribble overwhelming security teams.
|
By Jeff Darrington
The 2020 EU Cybersecurity Strategy, published by the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy, aimed to establish safeguards against security risks arising from increased digital connectivity. As part of the strategy, the strategy included updates to Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2).
|
By Graylog
Chat Spears Director of Security Operations and Jason Shropshire Co-Founder, COO of Infusionpoints, hightlight their use of Graylog when helping customers achieve FedRAMP Authorization.
|
By Graylog
Discover the top five myths about API security and learn the effective strategies for protecting your digital assets. Understand why attacks are common, the limitations of perimeter security, and the importance of a zero trust model in this comprehensive overview. Uncover the realities of API security, from the prevalence of attacks to the challenges of relying on perimeter defenses. Learn why a zero trust approach and better developer engagement are key to robust API protection.
|
By Graylog
Insights from Graylog and SOC Prime Join us for an exclusive session where we unveil the integrations between Graylog, a comprehensive log management solution, and SIEM, and SOC Prime’s Platform for collective cyber defense. Discover how integrating these solutions transforms your approach to security, providing a robust foundation for crisis management and resilience against cyber threats.
|
By Graylog
Take a 20 Minute demo tour of Graylog and see some of it's features and capabilities in action. View insights on how Graylog can help your IT Operations and IT Security.
|
By Graylog
Take a tour through the latest version of Graylog API Security. Understand how you can find threats and vulnerabilities in your API landscape.
|
By Graylog
In this short video, Melinda Marks, ESG Cybersecurity Practice Director reviews the results of her recent study on the urgency of securing the API attack surface after surveying 400 IT, cybersecurity, and application development professionals.
|
By Graylog
Graylog Support Engineer Will Trelawny shares invaluable insights into enhancing Graylog security through encryption and authentication using transport layer security (TLS). He provides an in-depth and easy-to-follow walkthrough on setting up Graylog deployment configurations, encrypting communications, authenticating nodes, and securing the OpenSearch backend. The video also includes practical demonstrations on why and how to encrypt logs, authenticate log sources, and secure communication with OpenSearch. This video is an excellent resource for anyone looking to strengthen their Graylog security measures.
|
By Graylog
Discover and Improve Your API Security with Graylog! In this quick demo, Rob from Resurface now Graylog, showcases how Graylog helps you understand and manage your API attack surface. From identifying Rogue, prohibited, and deprecated APIs to automatically discovering and summarizing common types of attacks and failures, Graylog streamlines API security. No technical expertise needed – the system categorizes API calls into meaningful buckets, providing detailed views, including full request and response details. Easily create custom signatures, export data, and receive alerts with Graylog's comprehensive API security solution.
|
By Graylog
When it comes to security data enrichment, it's helpful to think beyond threat intelligence. This white paper explores viable standard and advanced third-party intelligence enrichment sources that are often overlooked.
|
By Graylog
In this guide, what to consider when selecting a source of threat intelligence and how to make threat intelligence work for your organization.
|
By Graylog
When alerts go unheeded or don't deliver next steps on how to mitigate threats, SIEM can become an expensive and ineffective tool.
|
By Graylog
This paper examines the critical criteria to consider when evaluating tools for managing your data. There are compelling reasons why Graylog is the best choice for log management and analysis.
|
By Graylog
The previous data protection directive passed long before the Internet became the primary marketplace for businesses. In light of recent data and privacy issues, consumers demand higher standards for more security.
- July 2024 (4)
- June 2024 (7)
- May 2024 (5)
- April 2024 (5)
- March 2024 (9)
- February 2024 (8)
- January 2024 (5)
- December 2023 (7)
- November 2023 (2)
- October 2023 (2)
- September 2023 (5)
- August 2023 (4)
- July 2023 (6)
- June 2023 (5)
- May 2023 (4)
- April 2023 (3)
- March 2023 (3)
- February 2023 (5)
- January 2023 (2)
- December 2022 (2)
- November 2022 (2)
- October 2022 (5)
- August 2022 (2)
- July 2022 (1)
- June 2022 (4)
- May 2022 (5)
- April 2022 (6)
- March 2022 (6)
- February 2022 (1)
- January 2022 (3)
- December 2021 (3)
- November 2021 (1)
- October 2021 (4)
- September 2021 (6)
- August 2021 (4)
- July 2021 (3)
- June 2021 (7)
- May 2021 (3)
- April 2021 (1)
- March 2021 (2)
- December 2020 (2)
- October 2020 (4)
- May 2020 (1)
- January 2019 (3)
- December 2018 (2)
Graylog is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. We deliver a better user experience by making analysis ridiculously fast and efficient using a more cost-effective and flexible architecture. Thousands of IT professionals rely on Graylog's scalability, comprehensive access to complete data, and exceptional user experience to solve security, compliance, operational, and DevOps issues every day.
Purpose-built for modern log analytics, Graylog removes complexity from data exploration, compliance audits, and threat hunting so you can find meaning in data more easily and take action faster.