The Human-AI Alliance in Security Operations
Picture a SOC analyst starting an investigation. A suspicious spike in authentication activity appears on their dashboard, and they need to understand what’s happening quickly. To do that, they move through a familiar sequence of tools. What begins as a single investigation quickly turns into a chain of context switches: Reviewing a dashboard Pivoting […]
Anomaly Detection with Machine Learning to Improve Security
Being a security analyst can feel like being trapped in a Where’s Waldo book. You can find yourself staring at a data stream looking for something that “isn’t like the others.” However, as your organization collects and correlates more data from the environment, finding the Waldo can feel overwhelming. In a modern IT environment, organizations […]
Observability vs Monitoring: Getting a Full Picture of the Environment
Driving down the highway, you usually glance intermittently at your speedometer to ensure that you stay within the speed limit, or whatever window above the speed limit you’re willing to drive. While monitoring your speed mitigates the risk of a ticket, you still need to look out for various threats on the road, like cars […]
Compliance Readiness with Audit Logging
Whether pulling items together for a holiday dinner or prepping weekly meals, you need to have all the ingredients necessary to cook the meals you want to eat. Often, this means making a grocery list, checking off items as you take them from the shelves, and, possibly, grumbling when one of the items isn’t available. […]
From Atlassian JSON to Actionable Audit Insights
Atlassian audit logs carry high-value security and operational signals, yet the raw format makes them hard to use in day-to-day investigations. Nested JSON, arrays inside arrays, and localization keys turn routine questions into slow, manual work. For lean Security and IT teams, that friction shows up as delayed triage, fragile dashboards, and alerts that fire […]
Kubernetes Logging Best Practices
You’re sitting at your desk, typing away, when all of a sudden you hear a “ping!” Unfortunately, you have a browser with fifteen tabs open, a task management application, email, messaging applications, and calendars all open, making it difficult to know exactly which technology just pinged you. To identify the source, you open your system […]
Introducing The First Graylog Helm Chart Beta V1.0.0
Graylog Helm Chart for Kubernetes: Beta V.1.0.0 Now Available
Running Graylog on Kubernetes has been possible for a while, but let’s be honest: it usually involved a fair amount of DIY. Custom manifests, duct-taped values files, and more than one late-night kubectl describe pod. That changes today. We’re releasing the first-ever Graylog Helm chart for […]
Using LLMs, CVSS, and SIEM Data for Runtime Risk Prioritization
A recent University of North Carolina Wilmington study tested whether general-purpose large language models could infer CVSS v3.1 base metrics using only CVE description text, across more than 31,000 vulnerabilities. The results show measurable progress, but they also expose a hard limit that matters far more than model selection: Model quality helps, but missing context […]
Why AI Transformations in Security Fail Like New Year’s Gym Resolutions
Enterprise AI adoption moved fast. Speed mattered. Shipping mattered. Getting AI into production mattered. That phase is over. Security leaders are now asking a harder question: whether the AI already embedded in security operations is safe, explainable, and aligned with how modern SOC teams actually work. The focus has shifted from adoption to trust, specifically […]
Cloud vs On-Premises SIEM: One or the Other or Both?
While Hamlet asked the existential question “to be or not to be,” most security teams ask an equally esoteric question that ultimately defines their ability to manage alerting and detection: “to deploy on-prem or in the cloud?” When adopting a security information and event management (SIEM) solution, organizations must make a foundational decision around whether […]
Supervised AI Is the Fastest Path to Better Threat Triage ROI
Security operations teams are under sustained pressure. Alert volumes continue to rise, environments grow more distributed, and experienced analysts remain scarce. Much of the industry conversation around AI focuses on autonomy and fully automated response. That focus skips the most reliable efficiency gains available right now. Supervised AI applied to first-pass alert triage delivers measurable […]
Sigma Specification 2.0: What You Need to Know
Sigma rules have become the security team’s equivalent of LEGO bricks. With LEGO, people can build whatever they can imagine by connecting different types of bricks. With Sigma Specification 2.0 rules, security teams can create vendor-agnostic detections without being limited by proprietary log formats. In response to the Sigma rules’ popularity, the […]