Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Lost Payload: MSIX Resurrection

Oct 9, 2025 By Splunk In Splunk
MSIXBuilder transforms what was traditionally a complex, multi-tool process into a single automated workflow that mirrors actual attacker techniques. By automatically handling certificate lifecycle management, dependency resolution, and package signing, the tool removes the technical barriers that previously prevented security teams from creating realistic test scenarios. This means defenders can quickly generate both signed and unsigned MSIX packages to validate their AppXDeployment event log coverage, confirm detection rules, and build detection coverage that actually works against real-world threats.
View Video
splunk

Incident Command Systems: How To Establish an ICS

Oct 8, 2025 By Joseph Nduhiu In Splunk
Standardizing the management and coordination of incident response and resolution activities across different independent agencies is challenging. As part of its mission to help people before, during, and after disasters, the Federal Emergency Management Agency (FEMA) created the Incident Command System (ICS) as one of the components of the National Incident Management System (NIMS).
Read Post
graylog

How Graylog Helps You Spot LockBit-Style Attacks Sooner

Oct 6, 2025 By Jeff Darrington In Graylog
The DFIR Report recently detailed a LockBit attack with ransomware intrusion that succeeded without advanced exploits or zero-day vulnerabilities. The attack relied on a stolen AnyDesk installer, credential reuse, and renamed PowerShell scripts that blended into routine activity. These moves were not sophisticated, but they were fast and effective. The end result: complete domain encryption.
Read Post

Smart Logging Without the Price Trap

Oct 3, 2025 By Graylog In Graylog
How much value are you really getting from your logs, and what are you giving up to stay on budget? In this episode of Logs and Lattes, host Palmer Wallace sits down with Seth Goldhammer, VP of Product Management at Graylog, for a candid conversation about the hidden cost of traditional SIEM pricing. Seth explains how ingest-based and resource-heavy licensing models pressure security teams into tough tradeoffs, such as dropping logs, tuning down detections, or limiting retention just to avoid budget overages.
View Video
graylog

Security Pipelines Are Broken. Here's How to Fix Them

Oct 2, 2025 By The Graylog Team In Graylog
There’s a quiet failure at the heart of many security programs. It’s not a lack of data. It’s too much of the wrong data. Telemetry pipelines built for volume, not visibility, now flood teams with noise instead of insight. The result? More alerts. Slower response. Overworked analysts are stuck maintaining ingestion rules instead of catching real threats.
Read Post
graylog

The Value of a Robust Vulnerability Management Program

Sep 29, 2025 By Jeff Darrington In Graylog
Back before live security video feeds in homes, people would walk around at night checking to make sure they locked every window and door. They took these precautions because they knew that a single open lock gave burglars an opportunity to steal from them. For organizations, vulnerability management programs are a way to lock the doors against cybercriminals.
Read Post
graylog

Compliance vs Security: The Business Value of Alignment

Sep 24, 2025 By Jeff Darrington In Graylog
Compliance is not, nor has it ever been, security. Compliance is the spellcheck of the security world. Security is the work that people do every day to implement, enforce, and monitor the controls that protect systems, networks, applications, devices, users, and data. Compliance is the process of reviewing security work to ensure that it functions as intended. Compliance is an important component of an organization’s security posture.
Read Post
The Value Of Log Management For Building Reliable IT Infrastructures

The Value Of Log Management For Building Reliable IT Infrastructures

Sep 24, 2025 By SecuritySenses In SecuritySenses
Reliability is a non-negotiable requirement. Organizations of all sizes depend on stable systems to deliver services, protect data, and maintain customer trust. Behind the seamless performance of applications and networks lies a wealth of activity recorded in system logs. These logs, often overlooked, provide crucial insights into operations, performance, and security. Effective log management, such as collecting, analyzing, and monitoring these records, is fundamental to building and maintaining a resilient IT infrastructure.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.