Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

graylog

Audit Log: Feature Guide for Security and Compliance

Feb 28, 2023 By Graylog In Graylog
In computing, an audit log is a record of an event. An event is any significant action that impacts the hardware or software of a computer – anything from a mouse click to a program error. Besides documenting which resources were accessed and what for, an audit file system will also include the source and destination addresses, the timestamp, and the user ID information.
Read Post
devo

Succeeding with UEBA in a Rapid Data Growth World

Feb 28, 2023 By The Devo Team In Devo

With the rapid expansion in both scale and variety of technologies in modern business systems, there comes a need to further secure those technologies to prevent nefarious actors from causing havoc. The expanding data landscape creates a much larger attack surface for bad actors to exploit, and as a result leaves many organizations at risk from theft, fraud or other undesirable behavior.

Read Post
graylog

The importance of event correlation techniques in SIEM

Feb 24, 2023 By Graylog In Graylog
Event correlation tools are a fundamental instrument in your toolbox to detect threats from all sources across your organization in real time. A wise use of the right event correlation techniques through log management and analysis is the cornerstone of any reliable security information and event management (SIEM) strategy – a strategy that focuses on prevention rather than reaction.
Read Post
CrowdStrike

Mitigate Cyber Risk From Email With the Falcon LogScale and Mimecast Integration

Feb 23, 2023 By LogScale Engineering In CrowdStrike

Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber attacks.

Read Post
CrowdStrike

How to Ingest Data into Falcon LogScale Using Python

Feb 23, 2023 By Wil How In CrowdStrike

This post covers how to ingest data into CrowdStrike Falcon® LogScale from your MacOS platform using Python. This guide is great for setting up a one-node proof of concept (POC) so you can take advantage of LogScale’s free trial. Before you can write your ingest client, you must prepare a good foundation. That means preparing your MacOS instance via the following steps: Ready? Let’s get started.

Read Post
splunk

Ransomware Families Bringing Home the Biggest Security Risks

Feb 22, 2023 By Chrissy Kidd In Splunk
Ransomware is the type of malware that locks you out of your own computer until you pay a ransom. This digital extortion is one of the most serious security threats facing the Internet today. Ransomware not only impacts unsuspecting Internet users, but business organizations, government institutions and even critical services such as utility, healthcare and emergency facilities. Ransomware has been around for many years.
Read Post
graylog

Cyber Security: Understanding the 5 Phases of Intrusion

Feb 21, 2023 By Graylog In Graylog

Here at Graylog, we have recently had an increase in conversations with security teams from leading companies. We want to share our key findings with the Graylog community. The good thing is that cybercriminals use a methodical approach when planning an attack. By understanding their process and knowing your network, you will be better prepared and able to stay one step ahead.

Read Post

Coffee Talk with SURGe!

Feb 21, 2023 By Splunk In Splunk
Grab a cup of coffee and join David Bianco, Shannon Davis, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: David Bianco and Shannon Davis also competed in a charity challenge comparing the pros and cons of the Pyramid of Pain, a conceptual model created by David to order indicators of compromise (IOCs) by the pain they cause adversaries when the IOCs are not available to them.
View Video
splunk

The Triple DES Intro: Triple Data Encryption Standard

Feb 21, 2023 By Muhammad Raza In Splunk
Triple Data Encryption Standard (Triple DES) is a symmetric block cipher-based cryptography standard that uses fixed length keys with three passes of the DES algorithm. As a symmetric cryptographic scheme, DES implementations rely on the same secret keys shared between the sender and the recipient. As we’ll see later, Triple DES was developed as a way to prevent man in the middle attacks. Let’s take a look at Triple DES — and we’ll start first with DES.
Read Post
splunk

Introduction To Key Management

Feb 21, 2023 By Guest In Splunk
Cryptography is used to secure data at rest, stored in servers, and in motion, transmitted over the network. Cryptography involves mathematical operations that convert the original plaintext into an unintelligible ciphertext (encryption) and the reverse process, converting ciphertext to plaintext (decryption). Cryptographic algorithms apply these algorithms in combination of keys, which serve as a secret knowledge to complete the algorithmic operations correctly.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.