2025 Security Trends That Defined the SOC and What 2026 Will Demand

2025 exposed a shift that had been forming for years. Security operations were not slowed by limited visibility or weak tooling. They were slowed because the effort required to interpret growing volumes of data increased faster than staffing, budgets, or governance frameworks could support. Alert queues expanded, dashboards multiplied, cloud bills shaped retention choices, and […]

Understanding Ransomware Email Threats

The Ransomware-as-a-Service (RaaS) ecosystem has changed the look and shape of modern-day ransomware attacks. Malicious actors typically view their cybercrimes as a business, hoping to make the most money with the least effort. For example, according to research, AI-automated phishing attacks performed similarly to human-generated ones and 350% better […]

How to Use MCP to Optimize Your Graylog Security Detections

Security teams face a critical question: “What logs should we collect, and what detections should we enable to protect against threats targeting our industry?” For a bank in the northeast, this isn’t academic. Threat groups like FIN7, Lazarus Group, and Carbanak specifically target financial institutions with sophisticated attacks ranging from SWIFT compromise to ransomware. But […]

Why a People-Centric Security Strategy Improves Resilience

If Darth Vader and the rest of the Empire made one major strategic mistake, it was failing to understand the important role that the human element plays in security. Convinced of their superiority, the Empire’s leaders assumed that the Death Star was impenetrable. However, in the end, it was a scientist and his team who […]

Understanding How a Log Correlation Engine Enables Real-Time Insights

Tax season is notoriously most people’s least favorite time of year. For people who complete their own tax returns, the process becomes an agonizing one of looking at small pieces of paper, matching numbers to the lines that ask for information, and comparing various inputs. In essence, doing your taxes makes you a correlation engine. […]

The First Graylog Engineering Hackathon

As part of the blog series written by the Graylog Development Team, today we want to give you some deeper insights into how we approach Engineering. A great example of this is our first-ever Graylog Engineering Hackathon, which we recently completed! Engineering at Graylog – and How We Changed It for the Hackathon: At […]

What Is a Data Pipeline

In today’s tech world, IT and security technologies are the functional equivalent of Pokemon. To gain the insights you need, you “gotta catch ’em all” by ingesting, correlating, and analyzing as much security data as possible. Data pipelines organize chaotic information flows into structured streams, ensuring that data is reliable, processed, and ready for […]

MCP Explained: Conversational AI for Graylog

Quick Overview: Model Context Protocol (MCP) gives large language models (LLMs) a secure way to interact with your Graylog data and workflows. Instead of writing complex queries, you can ask questions in plain English, such as: “Which inputs are active?” “How much disk space is my Graylog server using?” Get real-time answers grounded in your […]

7 Steps to an Efficient Security Operations Center Design

In the original Star Trek television show, Captain Kirk would slightly recline in a command chair with various buttons that allowed him to deploy different technologies. Regardless of the alien threat, he had the necessary tools at his disposal to protect the Enterprise and his staff. An organization’s security operations center (SOC) acts as […]

What’s New in Graylog 7.0 Webinar

SIEM & Log Management — Without Compromise
When: Wednesday, November 12, 11AM ET
Who: Graylog Enterprise & Security customers and Graylog Open users
Join us for a 30-minute walkthrough of the Graylog 7.0 Fall ’25 Release — built to make every analyst faster and every decision clearer. Graylog 7.0 brings explainable AI, guided […]

Gobbling Up Insights: Graylog 7.0 Serves Up a Feast

A feast of new features. A cornucopia of new capabilities. A banquet of breakthroughs (and the T-day puns are just getting started). Graylog 7.0 brings a full plate of advancements that help security teams cut through noise, control cloud costs, and respond with confidence. We’re serving practical improvements across dashboards, automation, and AI support so […]

Sliding Through Log-Time Space

This post kicks off a new series written by the Graylog Development Team. In these updates, we’ll highlight the features and fixes that make daily work in Graylog smoother. We want to show the work we care so much about and present the challenges we faced and overcame. Today, we’re starting with one of those […]