|
By Jeff Darrington
Initially published by the Open Worldwide Application Security Project (OWASP) in 2023, the Top 10 for LLM Application Security list seeks to bridge the gap between traditional application security and the unique threats related to large language models (LLMs). Even where the vulnerabilities listed have the same names, the Top 10 for LLM Application Security focuses on how threat actors can exploit LLMs in new ways and potential remediation strategies that developers can implement.
|
By Jeff Darrington
The European Union (EU) cybersecurity regulatory landscape is reminiscent of a medieval tapestry full of interwoven threads that complement one another to create the larger picture. Regulation (EU) 2019/881 created the foundation for information and communications technology (ICT) cybersecurity certification.
|
By Jeff Darrington
2001: A Space Odyssey introduced the world to HAL 9000, the fictional artificial intelligence (AI). HAL’s capabilities include everything from facial recognition to natural language processing and automated reasoning. As HAL malfunctions over time, the computer becomes violent to prevent the humans from disconnecting it. The story serves as a morality tale suggesting that without human oversight, AI is dangerous.
|
By Jeff Darrington
The Terminator is often people’s reference point for artificial intelligence (AI), especially when they worry that technology will be the end of civilization. However, on the other end of the AI spectrum is the beloved, marshmallow fluff Baymax, the helper robot providing assistance to those in his presence. The reality of AI sits somewhere between these two extremes. For security teams, AI initially seemed like a revolutionary technology that would offer faster detection and automated analysis.
|
By Jeff Darrington
As a child, rubber bands almost seemed magical. They would stretch to fit a size or shape. They could be flung across a room, although not ever at another person and certainly not a sibling. Their resilience means that they would always return to their original shape after being stretched, flung, or twisted.
|
By Jeff Darrington
The Australian Signals Directorate (ASD) is the overarching agency that incorporates the Australian Cyber Security Centre (ACSC), the government’s technical cybersecurity authority. In 2018, the ASD became a statutory agency, assuming responsibility for the Computer Emergency Response Team Australia and the Digital Transformation Agency.
|
By Jeff Darrington
Recent reports of a cyberattack targeting medical device manufacturer Stryker highlight a growing challenge for modern organizations: maintaining visibility across every device connected to their networks. The Michigan-based healthcare technology company reported a global network disruption affecting its Microsoft environment following a cyberattack.
|
By Jeff Darrington
International travel comes with amazing sights, cultural experiences, and local delicacies. However, most travelers know that it comes with differing economies that impact a money’s value and various currencies. When people need cash, they have to translate the money in their wallets to the local currency, which means different coins and bills. Depending on the exchange rate, the currency’s value can change as the person moves from one country to another.
|
By Jeff Darrington
As governments continue to digitize services, the number of systems that support public administration continues to grow. With this expansion comes greater cybersecurity risk. To address these risks, Spain established the Esquema Nacional de Seguridad (ENS), a national framework designed to protect information systems used by public sector organizations. ENS defines the security requirements that ensure government systems remain secure, reliable, and resilient.
|
By Jeff Darrington
Text editors rarely show up in threat models. Installers show up even less. CVE-2025-49144 changes that. The issue is a local privilege escalation in the Notepad++ Windows installer that can allow a low-privileged user to gain SYSTEM-level execution by abusing insecure executable search behavior during installation. Affected versions include Notepad++ 8.8.1 and earlier, per the NVD record.
|
By Graylog
Most folks build their SIEM the same way they load a junk drawer: by shoving in whatever they already have—Active Directory, firewalls, and a whole lot of “eh, why not.” But at Graylog, we think you deserve better than a glorified log toilet. In this talk, we’ll flip the script: start with the problems you’re actually trying to solve, then figure out what you need to know, then what data supports that. And with Graylog’s Intelligent Data Routing, you can now act on that plan—sending high-value data to hot storage and archiving the rest to standby storage for when (and if) it’s needed. Build your SIEM like it has a brain—and a budget.
|
By Graylog
Follow Joel Duffield while he talks about why some systems just don’t want to be logged. Whether it’s your backup tool that only sends email alerts, your budget IoT device that wasn’t built for enterprises, or that one SaaS app stuck on the free tier—there’s no clean way to get their messages into your SIEM.
|
By Graylog
Lean security teams operating in hybrid and regulated environments are not just fighting threats. They are fighting time. When evidence is scattered across email, identity, VPN endpoints, cloud, and network tools, even a solid detection means nothing if triage slows to a crawl. In this episode of Logs and Lattes, host Palmer Wallace and Graylog Solutions Architect Kyle Pearson break down the top ten security threats hybrid organizations are actually dealing with in 2026 and the single common failure behind most of them: fragmented telemetry that delays investigation when it matters most.
|
By Graylog
Security teams spent 2025 operating at maximum load. Alert volume kept rising, analysts pivoted across too many tools, AI arrived faster than governance could support, and cloud costs shaped what data teams felt safe keeping. In this episode of Logs and Lattes, host Palmer Wallace and Jeff Darrington break down what actually happened inside real SOCs and how those lessons are already guiding 2026.
|
By Graylog
Security teams spent 2025 operating at maximum load. Alert volume kept rising, analysts pivoted across too many tools, AI arrived faster than governance could support, and cloud costs shaped what data teams felt safe keeping. In this episode of Logs and Lattes, host Palmer Wallace and Jeff Darrington break down what actually happened inside real SOCs and how those lessons are already guiding 2026.
|
By Graylog
How much value are you really getting from your logs, and what are you giving up to stay on budget? In this episode of Logs and Lattes, host Palmer Wallace sits down with Seth Goldhammer, VP of Product Management at Graylog, for a candid conversation about the hidden cost of traditional SIEM pricing. Seth explains how ingest-based and resource-heavy licensing models pressure security teams into tough tradeoffs, such as dropping logs, tuning down detections, or limiting retention just to avoid budget overages.
|
By Graylog
Graylog earned recognition from both Gartner and GigaOm, and it is reshaping how teams think about SIEM. In this episode of Logs & Lattes, host Palmer Wallace talks with Kimber Spradlin, Chief Marketing Officer at Graylog, about what this dual recognition means for customers, analysts, and the future of security operations.
|
By Graylog
Graylog earned recognition from both Gartner and GigaOm, and it is reshaping how teams think about SIEM. In this episode of Logs & Lattes, host Palmer Wallace talks with Kimber Spradlin, Chief Marketing Officer at Graylog, about what this dual recognition means for customers, analysts, and the future of security operations.
|
By Graylog
Security teams are overwhelmed by alerts, but which ones really matter? In this episode of Logs & Lattes, host Palmer Wallace talks with Rich Murphy, Senior Product Manager at Graylog, about how smarter security operations help teams cut through the noise and focus on what truly reduces risk. From alert fatigue to risk-first response, they unpack practical ways to prioritize real threats, automate with context, and make incident response faster and more effective. Learn how modern SOCs are evolving beyond alert overload to focus on meaningful, risk-based action.
|
By Graylog
In this episode of Logs & Lattes, host Palmer Wallace talks with Rich Murphy, Senior Product Manager at Graylog, about how smarter security operations help teams cut through the noise and focus on what truly reduces risk. From alert fatigue to risk-first response, they unpack practical ways to prioritize real threats, automate with context, and make incident response faster and more effective. Learn how modern SOCs are evolving beyond alert overload to focus on meaningful, risk-based action.
|
By Graylog
When it comes to security data enrichment, it's helpful to think beyond threat intelligence. This white paper explores viable standard and advanced third-party intelligence enrichment sources that are often overlooked.
|
By Graylog
In this guide, what to consider when selecting a source of threat intelligence and how to make threat intelligence work for your organization.
|
By Graylog
When alerts go unheeded or don't deliver next steps on how to mitigate threats, SIEM can become an expensive and ineffective tool.
|
By Graylog
This paper examines the critical criteria to consider when evaluating tools for managing your data. There are compelling reasons why Graylog is the best choice for log management and analysis.
|
By Graylog
The previous data protection directive passed long before the Internet became the primary marketplace for businesses. In light of recent data and privacy issues, consumers demand higher standards for more security.
- April 2026 (4)
- March 2026 (7)
- February 2026 (4)
- January 2026 (6)
- December 2025 (10)
- November 2025 (4)
- October 2025 (12)
- September 2025 (7)
- August 2025 (4)
- July 2025 (7)
- June 2025 (8)
- May 2025 (4)
- April 2025 (5)
- March 2025 (8)
- February 2025 (7)
- January 2025 (6)
- December 2024 (8)
- November 2024 (8)
- October 2024 (6)
- September 2024 (3)
- August 2024 (5)
- July 2024 (3)
- June 2024 (6)
- May 2024 (4)
- April 2024 (5)
- March 2024 (8)
- February 2024 (8)
- January 2024 (5)
- December 2023 (7)
- November 2023 (2)
- October 2023 (2)
- September 2023 (5)
- August 2023 (4)
- July 2023 (6)
- June 2023 (5)
- May 2023 (4)
- April 2023 (3)
- March 2023 (3)
- February 2023 (5)
- January 2023 (2)
- December 2022 (2)
- November 2022 (2)
- October 2022 (5)
- August 2022 (2)
- July 2022 (1)
- June 2022 (4)
- May 2022 (5)
- April 2022 (6)
- March 2022 (6)
- February 2022 (1)
- January 2022 (3)
- December 2021 (3)
- November 2021 (1)
- October 2021 (4)
- September 2021 (6)
- August 2021 (4)
- July 2021 (3)
- June 2021 (7)
- May 2021 (3)
- April 2021 (1)
- March 2021 (2)
- December 2020 (2)
- October 2020 (4)
- May 2020 (1)
- January 2019 (3)
- December 2018 (2)
Graylog is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. We deliver a better user experience by making analysis ridiculously fast and efficient using a more cost-effective and flexible architecture. Thousands of IT professionals rely on Graylog's scalability, comprehensive access to complete data, and exceptional user experience to solve security, compliance, operational, and DevOps issues every day.
Purpose-built for modern log analytics, Graylog removes complexity from data exploration, compliance audits, and threat hunting so you can find meaning in data more easily and take action faster.