Understanding Ubuntu Logs
Linux, Debian, and Ubuntu are the Kirk, Spock, and McCoy of modern application development. The Captain Kirk, Linux, is the open-source central code for directing and talking to hardware. Debian sits as the trio’s Spock, the original distro that can be seen as more complex to install and use. As a Debian child distro, Ubuntu […]
What is MITRE D3FEND?
Being a security analyst today is hard. You’re constantly trying to protect your organization while feeling like attackers are always a step ahead of you. Every year, you seem to add more security technologies to your stack, yet you still find yourself facing tooling gaps. If only you had the ability to clearly compare different […]
Breaking the Mold: Why Differentiation Matters in the SIEM Market
As I celebrate my first year as head of product management at Graylog, I’ve had the unique privilege of re-immersing myself in the world of Security Information and Event Management (SIEM) from a new perspective. The past year has underscored one critical lesson: staying competitive in SIEM isn’t about adding features; it’s about finding fresh […]
Best Practices for Writing an IT Security Incident Report
Everyone remembers that one required writing class they needed to take. If you’re like a lot of other security analysts, you assumed that your job would focus on using technology, not writing research papers. However, in today’s business environment, cyber incidents are critical business events, especially as governments and agencies create more reporting requirements. […]
Understanding IoT Logging Formats in Azure and AWS
Internet of Things (IoT) devices are everywhere you look. From the smartwatch on your wrist to the security cameras protecting your offices, connected IoT devices transmit all kinds of data. However, these compact devices are different from the other technologies your organization uses. Unlike traditional devices, IoT devices lack a standardized set of security capabilities, […]
Cross-Site Request Forgery Cheat Sheet
“Aren’t you a little short for a Stormtrooper?” In this iconic Star Wars moment, Princess Leia lazily responds to Luke Skywalker, disguised as one of her Stormtrooper captors and using authentication information to open her cell. In other words, Star Wars acts as an analogy for a cross-site request forgery (CSRF) attack. In a […]
What is a Cross-Site Scripting Attack
Cross-site scripting attacks are the digital version of the mystery trope where people inject IV lines with hazardous material. In the murder mystery genre, these crimes often focus on someone who looks legitimate, sneaking malicious material into someone’s medicine to harm the patient. Similarly, a cross-site scripting attack is when a threat actor sneaks malicious […]
Introducing Graylog 6.1: A Monster Release Just in Time for Halloween
It’s no coincidence that Graylog 6.1 is making its debut right before Halloween. This release is a true behemoth, designed to tackle some of the longest-standing and most challenging issues in Security Information and Event Management (SIEM). Packed with innovations, Graylog 6.1 is here to change the game. 1. Getting to the Alerts that […]
Understanding Java Logs
Logs are the notetakers for your Java application. In a meeting, you might take notes so that you can remember important details later. Your Java logs do the same thing for your application. They document important information about the application’s ability to function and problems that keep it from working as intended. Logs give […]
Simplifying Your Data Node Migration with Graylog
Migrating your data infrastructure can sound daunting, especially when you’re dealing with complex systems like OpenSearch. But what if it could be easier—almost ridiculously easy? If you’re thinking, “Hey, wait a second—could this be as seamless as it sounds?” You’re in for a pleasant surprise. In this blog, we’re diving into how moving and Simplifying […]
Assessing and Prioritizing Risk in Your Infrastructure
There are lots of hurdles to jump when trying to set up and maintain a SIEM. Preparing infrastructure and installing the software components, getting logs ingested into the system, parsing and normalizing those log messages properly, configuring alerts for detection, etc. These are all large tasks that require thoughtful planning and a lot of work […]
Get To Know Graylog GO
Annual User Conference October 23-24, 2024 Join Graylog virtually for our annual conference Shared Experience, Shared Success WHY ATTEND Graylog GO? To engage with others who are passionate about their Graylog! Attend sessions presented by Graylog users Ask questions of Graylog experts Find out more about the product roadmap “Meet” hundreds of Graylog users Be […]
