What is the MITRE ATT&CK® framework?

As a kid, treasure hunts were fun. Someone gave you clues and a map so you could hunt down whatever hidden item they left for you. However, as a security analyst, your incident investigations often have clues but lack a map. An alert fires. You search through your vast collection of log data. You hope […]

From the Desk Of the VP of Product – Delivering on the Promises of SIEM

I’m thrilled to share some incredibly exciting news – Graylog’s v6.0 is officially here! It’s been quite the journey getting to this point, filled with late nights, endless cups of coffee, and an unwavering commitment from our amazing team. As we unveil this latest version, I can’t help but reflect on how far SIEM technology […]

From The Office Of The CMO

Graylog Has A Brand-New Look! We’re thrilled to introduce Graylog’s fresh, new look! Gone are the days of our stark, albeit eye-catching red, black, and gray. Welcome a vibrant, modern mix of cool blues, greens, and purples! Meet Arti – the Graylog Mascot. Arti, the divine overseer of logs, adept at parsing through cosmic cybersecurity […]

Three Ways To Remove Complexity in TDIR

Integrations that accelerate detection and response. Gartner identified security technology convergence as one of the key trends both in 2022 and 2023 as a necessity to remove complexity in the industry. Especially for Threat Detection and Incident Response (TDIR), simplification continues to resonate with cyber teams overwhelmed by too many tools and the continuous cutting […]

NIST CSF V2: What’s Hot and What’s Not!

NIST is to the US government what The Watcher is to the Marvel universe. In theory, it should simply observe the world around it, but in reality, it responds to evolving threats through interference. Despite the buzz around the update to the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), you might […]

Improving IoT security with log management

We know we can strengthen IoT security with a wise log management strategy. But how can we leverage these event logs to improve the cybersecurity of these often extremely vulnerable access points to our systems?

Understanding Broken Authentication

With authentication, you can face serious consequences if you follow the old motto, “if it ain’t broke, don’t fix it.” From applications to APIs, authentication tells you whether the person or technology accessing a resource is legitimate. In 2017, the Open Worldwide Application Security Project (OWASP) identified broken authentication as #2 on its list of […]

Getting Started with NGINX

If you’ve ever watched one of those business-rehabilitation shows like Kitchen Nightmares, you know that the advice is often the same: “Don’t try to be everything to everyone. Pick what you’re good at and stick with it.” Essentially, the message is to pick your niche and be the best within it. For example, […]

Creating a Threat Hunting Lab in Graylog

When I was looking to break into the cybersecurity industry, I found myself overwhelmed with the sheer amount of content to learn and try. So much of the content, you had to purchase certain things, or it was way too complicated for me to understand at the time. Today, I wanted to break down create […]

Optimizing the Value of Amazon Security Lake

So many logs. So little space. If you’re like most people running an Amazon Web Services (AWS) environment, then you probably have a vast collection of log files that include things like VPC flow logs and CloudWatch data. As if that’s not enough, you’re also collecting information about everything and everyone else connected to your […]

When 200 OK Is Not OK – Unveiling the Risks of Web Responses In API Calls

In the ever-evolving landscape of cybersecurity, where the battle between defenders and hackers continues to escalate, it is crucial to scrutinize every aspect of web interactions. While the HTTP status code 200 OK is generally associated with successful API calls, there’s a dark side to its seemingly harmless appearance that often goes unnoticed. This blog […]