Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

graylog

Using IP Lookup for Cybersecurity Monitoring

Jan 8, 2025 By Jeff Darrington In Graylog
Wherever you live, people can find you using either a street address or a set of latitude and longitude numbers. In the digital world, your website’s domain name or URL is the street address while the IP address is the latitude and longitude. For example, it would be cumbersome to tell people that you live at 35°05′17″N 109°48′23″W, but easy to say a number and street name. IP address data is useful for both protective and detective cybersecurity functions.
Read Post
graylog

Why Patching Isn't the Ultimate Goal in Cybersecurity

Jan 6, 2025 By The Graylog Product Team In Graylog
A recent analysis by JPMorganChase criticized the CVSS scoring process, finding missing context leads to misleading prioritization. When it comes to cybersecurity, patching vulnerabilities often feels like the Holy Grail. Get those CVEs patched, and you’re safe, right? Well, not exactly. As we know, patching isn’t as straightforward—or as effective—as we’d like to believe.
Read Post
graylog

Building a Security Data Lake Strategy

Jan 2, 2025 By Jeff Darrington In Graylog
The high volumes of security data that cloud environments generate leave security teams swimming in data, but many feel like they need a life preserver to improve their incident response capabilities. Enter security data lakes. As the costs associated with data retention become overwhelming, organizations are embracing the idea of security data lakes and data warehouses.
Read Post

Early Identification of Comprised Systems: Hybrid Threat Detection with the Magic of DNS

Dec 17, 2024 By Graylog In Graylog
In today’s rapidly evolving threat landscape, the ability to detect and neutralize threats before they inflict damage is critical. This session will showcase how combining multiple log collection strategies can supercharge your threat detection capabilities. By merging traditional DNS logs from your domain controllers with DNS alerts from Cisco Umbrella, you'll gain unprecedented insight into compromised systems at the earliest stages of an attack.
View Video
graylog

To Log or Not to Log, That WAS the Question: Rethinking Data Management with Graylog

Dec 16, 2024 By The Graylog Team In Graylog
Organizations have grappled with the cost-benefit tradeoff of log management and Security Information and Event Management (SIEM) for decades. Do you capture every log at the risk of overwhelming storage, infrastructure, and license costs, or limit your collection and gamble on what’s truly important? The high costs imposed by traditional vendors have dictated Sophie’s choice, forcing enterprises into a game of compromise that risks the entire organization’s security.
Read Post

Accelerating the FedRAMP and DoD Process with Graylog

Dec 10, 2024 By Graylog In Graylog
Are you ready to streamline your path to cloud compliance while ensuring top-tier security and efficiency? Join us for an exclusive live demonstration of XccelerATOr and Command Center, the cutting-edge solutions that are transforming how organizations achieve and maintain FedRAMP, DoD, and other stringent compliance standards.
View Video
graylog

Leveling Up Security Operations with Risk-Based Alerting

Dec 9, 2024 By Jeff Darrington In Graylog
In life, you get a lot of different alerts. Your bank may send emails or texts about normal account activities, like privacy notices, product updates, or account statements. It also sends alerts when someone fraudulently makes a purchase with your credit card. You can ignore most of the normal messages, but you need to pay attention to the fraud alerts. Security is the same way.
Read Post

Building a Modern SOC: Architecture, Challenges, and Success Stories

Dec 6, 2024 By Graylog In Graylog
What does it take to create a truly modern Security Operations Center (SOC)? In this session, we’ll dive into the essential components and architecture that define a cutting-edge SOC, exploring the challenges that organizations face during the modernization process. Through real-world examples, we’ll showcase how forward-thinking clients are successfully navigating these challenges and transforming their SOCs into modern security powerhouses.
View Video

Baking a SIEM: A Recipe for Graylog Open to Security and Beyond

Dec 4, 2024 By Graylog In Graylog
Aspire Bakeries' Graylog journey began in mid-2017 when we realized the current method of log review/collection on each device wasn’t working for us in Operations and we needed better way of working. Over the years we have grown our Graylog implementation from a single Graylog Open 2.0 VM for Operations Teams to a multi-node cluster handling 100MM+ messages per day and the center of our SOC.
View Video

API Security: 200 is Not Always Okay, and How to Cope with This

Dec 3, 2024 By Graylog In Graylog
While a 200 OK status often signals success, its appearance can be deceiving, especially when it cloaks significant threats within API interactions. This session expands on the critical role of APIs as part of the broader attack surface essential for robust Threat Detection, Identification, and Response (TDIR) programs. We’ll explore intricate case studies where seemingly successful responses harbored risks that bypass traditional monitoring. Learn how to enhance your SIEM capabilities by effectively detecting anomalies in API traffic, ensuring that every layer of interaction is scrutinized—not just the surface.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.