Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Graylog

graylog

Considerations for Risk Rating Security Alerts

Jun 17, 2024 By Jeff Darrington In Graylog
Security incidents and data breaches are the cybersecurity version of the definition of squares and rectangles in geometry. While all data breaches are security incidents, not all security incidents are data breaches. Before investigating an incident, many security teams know whether the alert will relate to a minor incident or a large-scale breach.
Read Post
graylog

Why API Discovery Is Critical to Security

Jun 11, 2024 By Jeff Darrington In Graylog
For Star Trek fans, space may be the final frontier, but in security, discovering Application Programming Interfaces (APIs) could be the technology equivalent. In the iconic episode “The Trouble with Tribbles,” the legendary starship Enterprise discovers a space station that becomes overwhelmed by little fluffy, purring, rapidly reproducing creatures called “tribbles.” In a modern IT department, APIs can be viewed as the digital tribble overwhelming security teams.
Read Post
graylog

Understanding The Cyber Resilience Act (CRA)

Jun 6, 2024 By Jeff Darrington In Graylog
The 2020 EU Cybersecurity Strategy, published by the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy, aimed to establish safeguards against security risks arising from increased digital connectivity. As part of the strategy, the strategy included updates to Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2).
Read Post
graylog

Threat Detection and Incident Response with MITRE ATT&CK and Sigma Rules

May 29, 2024 By Jeff Darrington In Graylog
Being a security analyst tracking down threats can feel like being the Wile E. Coyote to an attacker’s Road Runner. You’re fast, but they’re faster. You set up alerts, but they still manage to get past your defenses. You’re monitoring systems, but they’re still able to hide their criminal activities.
Read Post
graylog

Understanding Broken Function Level Authorization

May 28, 2024 By The Graylog Team In Graylog
Application Programming Interfaces (APIs) allow your applications to talk to one another, like an application-to-application iMessage or Signal. If you’ve ever texted a message to the wrong group chat, you’ve created a situation that mimics what broken function level authentication does between users and applications.
Read Post
graylog

Monitoring for PCI DSS 4.0 Compliance

May 23, 2024 By The Graylog Team In Graylog
Any company that processes payments knows the pain of an audit under the Payment Card Industry Data Security Standard (PCI DSS). Although the original PCI DSS had gone through various updates, the Payment Card Industry Security Standards Council (PCI SSC) took feedback from the global payments industry to address evolving security needs.
Read Post
graylog

What is the MITRE ATT&CK framework?

May 9, 2024 By Jeff Darrington In Graylog
As a kid, treasure hunts were fun. Someone gave you clues and a map so you could hunt down whatever hidden item they left for you. However, as a security analyst, your incident investigations often have clues but lack a map. An alert fires. You search through your vast collection of log data. You hope to find the next clue while trying to figure out the attacker’s next steps.
Read Post
graylog

From the Desk Of the VP of Product - Delivering on the Promises of SIEM

May 7, 2024 By The Graylog Product Team In Graylog
I’m thrilled to share some incredibly exciting news – Graylog’s v6.0 is officially here! It’s been quite the journey getting to this point, filled with late nights, endless cups of coffee, and an unwavering commitment from our amazing team. As we unveil this latest version, I can’t help but reflect on how far SIEM technology has come over the past two decades. Gone are the days when Intellitactics and NetForensics reigned supreme.
Read Post

Top 5 Myths About API Security and What To Do Instead

Apr 15, 2024 By Graylog In Graylog
Discover the top five myths about API security and learn the effective strategies for protecting your digital assets. Understand why attacks are common, the limitations of perimeter security, and the importance of a zero trust model in this comprehensive overview. Uncover the realities of API security, from the prevalence of attacks to the challenges of relying on perimeter defenses. Learn why a zero trust approach and better developer engagement are key to robust API protection.
View Video

Graylog V6 and SOC Prime: Cyber Defense with MITRE Framework Webinar

Apr 11, 2024 By Graylog In Graylog
Insights from Graylog and SOC Prime Join us for an exclusive session where we unveil the integrations between Graylog, a comprehensive log management solution, and SIEM, and SOC Prime’s Platform for collective cyber defense. Discover how integrating these solutions transforms your approach to security, providing a robust foundation for crisis management and resilience against cyber threats.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.