The Why and What of AWS Lambda Monitoring

Serverless architectures are the rental tux of computing. If you’re using AWS to manage and scale your underlying infrastructure, you’re renting compute time or storage space. Your Lambda functions are the tie or cummerbund you purchase to customize your rental. Using the AWS event-driven architecture improves business agility, allowing you to move quickly. Lambda […]

Navigating the Cybersecurity Risks of Illicit Streaming Devices

Illicit streaming devices have become an unnoticed yet significant threat in many households and corporate environments. These devices, often advertised with wild promises of free access to premium content, have a dark side that many users might not be aware of. They operate much like the “black boxes” of the 1990s, offering access to pay-per-view […]

Do You Need IDS and IPS?

Imagine, for a moment, that your IT environment is the Death Star. You know the rebels will try to rescue Princess Leia. If you’re Darth Vader, you need systems that detect Luke and Chewbacca when they gain unauthorized access and systems that prevent them from accessing the Death Star. As a security analyst, you […]

Announcing Graylog Illuminate v6.1

This is a bug-fix release improving the functionality of Graylog. Please read on for detailed descriptions of each bug fix.
Many thanks to the Graylog Community for reporting issues and contributing fixes.

Graylog Year of CTFs: A Look Back at Our Biggest Highlights

2024 was a thrilling year for Graylog Capture The Flag (CTF) events! Across major cybersecurity conferences, Graylog invited participants to test their skills in a range of challenging scenarios designed to simulate real-world cyber threats. From North America to Europe and beyond, we saw cybersecurity professionals and enthusiasts go head-to-head in Graylog CTFs, flexing their […]

Understanding Ubuntu Logs

Linux, Debian, and Ubuntu are the Kirk, Spock, and McCoy of modern application development. The Captain Kirk, Linux, is the open-source central code for directing and talking to hardware. Debian sits as the trio’s Spock, the original distro that can be seen as more complex to install and use. As a Debian child distro, Ubuntu […]

What is MITRE D3FEND?

Being a security analyst today is hard. You’re constantly trying to protect your organization while feeling like attackers are always a step ahead of you. Every year, you seem to add more security technologies to your stack, yet you still find yourself facing tooling gaps. If only you had the ability to clearly compare different […]

Breaking the Mold: Why Differentiation Matters in the SIEM Market

As I celebrate my first year as head of product management at Graylog, I’ve had the unique privilege of re-immersing myself in the world of Security Information and Event Management (SIEM) from a new perspective. The past year has underscored one critical lesson: staying competitive in SIEM isn’t about adding features; it’s about finding fresh […]

Best Practices for Writing an IT Security Incident Report

Everyone remembers that one required writing class they needed to take. If you’re like a lot of other security analysts, you assumed that your job would focus on using technology, not writing research papers. However, in today’s business environment, cyber incidents are critical business events, especially as governments and agencies create more reporting requirements. […]

Understanding IoT Logging Formats in Azure and AWS

Internet of Things (IoT) devices are everywhere you look. From the smartwatch on your wrist to the security cameras protecting your offices, connected IoT devices transmit all kinds of data. However, these compact devices are different from the other technologies your organization uses. Unlike traditional devices, IoT devices lack a standardized set of security capabilities, […]

Cross-Site Request Forgery Cheat Sheet

“Aren’t you a little short for a Stormtrooper?” In this iconic Star Wars moment, Princess Leia lazily responds to Luke Skywalker, disguised as one of her Stormtrooper captors and using authentication information to open her cell. In other words, Star Wars acts as an analogy for a cross-site request forgery (CSRF) attack. In a […]

What is a Cross-Site Scripting Attack

Cross-site scripting attacks are the digital version of the mystery trope where people inject IV lines with hazardous material. In the murder mystery genre, these crimes often focus on someone who looks legitimate, sneaking malicious material into someone’s medicine to harm the patient. Similarly, a cross-site scripting attack is when a threat actor sneaks malicious […]