An Introduction to the OWASP API Security Top 10

If you ever watched Stargate, then you have some understanding of how application programming interfaces (APIs) work. While APIs don’t give you the ability to traverse the galaxy using an alien wormhole, they do act as digital portals that allow data to travel between applications. However, as sensitive data moves from one application to another, […]
What to Do When You Have 1000+ Fields?

When you have 1000+ fields, Graylog can collect all the logs and have them ready for you to search through in one place.
How-To Guide: Securing Graylog with TLS

Welcome to our technical blog, where we’ll be diving into the world of Graylog and how you can secure your Graylog Server with Transport Layer Security (TLS). As an admin or a tech-savvy user, you know the importance of protecting your Graylog Server and the logs it manages from unauthorized access. TLS is a robust […]
A Guide to Digital Forensics and Incident Response (DFIR)

When you engage in a security incident investigation, you need to quickly sift through vast quantities of data. In that moment, tracking your attacker, containing the attack, and identifying the root cause are the activities that matter most. However, in an attack’s aftermath, the digital recovery process and post-incident paperwork become your new nightmare. Between […]
5 Best Practices for Building a Cyber Incident Response Plan

You’ve probably heard the Boy Scout motto, “be prepared.” In his 1908 handbook, Scouting for Boys, the author explained, “it shows you how you must be prepared for what is possible, not only what is probable.” Your cyber incident response plan is how you prepare for a possible, and, also in today’s world, probable security […]
Centralized Log Management for SOX Compliance

Over twenty years ago, a series of corporate financial scandals set off a chain reaction, culminating in criminal convictions and new legislation. After uncovering accounting fraud across public companies like Enron, WorldCom, and Tyco, the US Congress enacted the Sarbanes-Oxley Act of 2002 (SOX). As companies have become more reliant on technology, the Securities and […]
The Phases of the Digital Forensics Investigation Process

Investigating a security event is the less glamorous version of an episode of CSI: Crime Scene Investigation. Without the snazzy, high-end, mostly-fictitious technology that television shows you, your actual digital forensics investigation usually involves an arduous process of reviewing technical data and looking for the breadcrumbs a malicious actor left behind. Further, you need to […]
Detecting the 3CX Supply Chain Attack with Graylog and Sigma Rules

According to reporting by several cybersecurity publications, the 3CX Desktop Application has been exploited in a supply chain attack. The 3CX client is a popular VoIP and messaging application used by over 600,000 companies. From the article on BleepingComputer: This supply chain attack, dubbed ‘SmoothOperator’ by SentinelOne, starts when the MSI installer is downloaded […]
Tips & Tricks #2: Using the Graylog REST API

Did you know that Graylog comes with its own REST API and interactive API browser? The Graylog REST API is purpose-built for log management, and will enable you to easily integrate Graylog with other systems or your own customized scripts.