What’s New In Graylog 7.1 Webinar
What to Expect? Graylog 7.1 is built for lean security and IT operations teams who need real outcomes, not more tools, more add-ons, or more manual work. This 30-minute deep dive session covers what’s new and what it means for your team. When? Tue, May 19, 2026 11:00 AM EDT What you’ll learn: How […]
Critical Windows Event ID’s to Monitor
Like most organizations, your company likely invested in various Microsoft products. The Microsoft ecosystem provides businesses with nearly every kind of technology necessary, from workstation operating systems to Azure to Windows 365 that includes cloud-native versions of their traditional Office tools and the communication platform Teams. However, attackers are just as invested in the Microsoft […]
India’s Data Protection Law: The Digital Personal Data Protection Act
In 2023, India’s Parliament approved and published The Digital Personal Data Protection Act (DPDPA). In many ways, the DPDPA is similar to other regulations, like the General Data Protection Regulation (GDPR). It establishes a similar data subject, or in this case Data Principal, rights of notice, consents, access, correction, and erasure. In other ways, the […]
Understanding the Australian Information Security Manual (ISM)
The Essential Eight identifies the most critical cybersecurity risk mitigation controls, providing a set of minimum baseline strategies. As organizations work to mature the security posture, the Essential Eight maturity model offers some options that they can use. However, for organizations that need to implement a more comprehensive security program, the Australian Signals Directorate (ASD) […]
May the Logs Be With You: Graylog 7.1 Is Here
A long time ago, in a SOC far, far away…analysts were drowning in alerts, chasing context across fragmented screens, and watching real threats slip past detection gaps. Today, the Rebellion fights back. This isn’t a release built around a single marquee feature. It’s the result of our team listening to you on the front lines […]
40 Infosec Metrics Organizations Should Track
In today’s data-driven world, CISOs and senior leadership need to prove that their security programs mitigate risk. Just like grades theoretically quantify how well students understand material their teachers present, cybersecurity metrics quantify your security controls’ effectiveness. As the threat landscape becomes more complex, security teams struggle to identify the metrics that best showcase their […]
An Introduction to the NIST Risk Management Framework (RMF)
While inherently critical to today’s businesses that run on data, implementing and enforcing data security and privacy has never been straightforward. Between collecting different types of sensitive data and deploying unique architectures, organizations cannot adopt a one-size-fits-all solution, meaning that every security architecture is unique. With no absolutes around how to build security into the […]
Graylog Academy: Free On-Demand Training Available

Free Online Graylog Analyst Training Efficient log management and analysis are crucial for maintaining robust IT infrastructures. To empower IT professionals and enthusiasts with the skills needed to harness the power of log data. Sign up at the Graylog Academy and take our Free Online Graylog Analyst Training! Why Graylog? Graylog is a […]
Best Practices for Managing Hybrid Cloud Security
As a kid, fruit punch always seemed like a magical drink. A mix of orange, cherry, apple, and cranberry created a unique flavor that differed substantially from any one juice. These hybrid drinks not only quenched thirst but their complexity made it difficult to truly recreate them by hand. Hybrid clouds are the fruit punch […]
How Lean Security Teams Stay Ahead of AI-Powered Attacks
In “Terminator 2“, the T-800 does not win because humans worked harder. It wins because the same machine capability that made it dangerous was reprogrammed to fight for the defenders. Project Glasswing is exactly that. Claude Mythos Preview is Anthropic’s most powerful AI model and the one they refused to release publicly because it autonomously […]
What is the OWASP Top 10 for LLM Application Security
Initially published by the Open Worldwide Application Security Project (OWASP) in 2023, the Top 10 for LLM Application Security list seeks to bridge the gap between traditional application security and the unique threats related to large language models (LLMs). Even where the vulnerabilities listed have the same names, the Top 10 for LLM Application Security […]
Understanding the European Cybersecurity Certification Framework
The European Union (EU) cybersecurity regulatory landscape is reminiscent of a medieval tapestry full of interwoven threads that complement one another to create the larger picture. Regulation (EU) 2019/881 created the foundation for information and communications technology (ICT) cybersecurity certification. Following this, the Commission Implementing Regulation (EU) 2024/482 (Implementing Regulation) specified the roles, rules, obligations, […]