Syslog Protocol: A Reference Guide


Syslog was developed in the 1980s by Eric Allman as part of the Sendmail project and adopted by many systems over the years. When looking at Syslog, there are a few protocol options, each with slight differences. In this reference guide, I’ll break down the differences so that you have a guide to see these […]

Using Data Pipelines for Security Telemetry


It’s a warm, sunny day as you lie in the sand under a big umbrella. Suddenly, you feel the waves crashing against your feet, only to look down and see numbers, letters, usernames, and timestamps. You try to stand up, but you feel the tide of big data pulling you under… With a jolt, […]

Monitoring Networks with Snort IDS-IPS


Networks are the data highways upon which you build your digital transformation infrastructure. Just as interstate highways carry goods, networks carry data, and every connected user and device is a digital on-ramp to the network. When malicious actors gain unauthorized access to networks, organizations must detect and contain them as quickly as possible, requiring security analysts to embark on […]

DNS Security Best Practices for Logging

Your Domain Name System (DNS) infrastructure enables users to connect to web-based resources by translating everyday language into IP addresses. Imagine going into a restaurant, in the age before the internet, only to find that the staff speaks and the menu is written in a different language from yours. Without some shared communication form, you […]

Building a Security Data Lake Strategy


The high volumes of security data that cloud environments generate leave security teams swimming in data, but many feel like they need a life preserver to improve their incident response capabilities. Enter security data lakes. As the costs associated with data retention become overwhelming, organizations are embracing the idea of security data lakes and […]

Load Balancing Graylog with NGINX: Ultimate Guide


“Load Balancing Graylog with Nginx: The Ultimate Guide” is your reference guide for installing Nginx in front of Graylog. Imagine your Graylog, already proficient at managing vast log data, now enhanced with Nginx load balancing to ensure peak performance. NGINX ensures your Graylog cluster isn’t over-taxed, similar to a well-organized team where […]

Telemetry: What It Is and How it Enables Security


If you have ever built a LEGO set, then you have a general idea of how telemetry works. Telemetry starts with individual data points, just like your LEGO build starts with a box of bricks. In complex IT environments, your security telemetry is spread across different technologies and monitoring tools, just like in a large […]

The Why and What of AWS Lambda Monitoring


Serverless architectures are the rental tux of computing. If you’re using AWS to manage and scale your underlying infrastructure, you’re renting compute time or storage space. Your Lambda functions are the tie or cummerbund you purchase to customize your rental. Using the AWS event-driven architecture improves business agility, allowing you to move quickly. Lambda […]

Navigating the Cybersecurity Risks of Illicit Streaming Devices


Illicit streaming devices have become an unnoticed yet significant threat in many households and corporate environments. These devices, often advertised with wild promises of free access to premium content, have a dark side that many users might not be aware of. They operate much like the “black boxes” of the 1990s, offering access to pay-per-view […]

Do You Need IDS and IPS?


Imagine, for a moment, that your IT environment is the Death Star. You know the rebels will try to rescue Princess Leia. If you’re Darth Vader, you need systems that detect Luke and Chewbacca when they gain unauthorized access and systems that prevent them from accessing the Death Star. As a security analyst, you […]

Graylog Year of CTFs: A Look Back at Our Biggest Highlights


2024 was a thrilling year for Graylog Capture The Flag (CTF) events! Across major cybersecurity conferences, Graylog invited participants to test their skills in a range of challenging scenarios designed to simulate real-world cyber threats. From North America to Europe and beyond, we saw cybersecurity professionals and enthusiasts go head-to-head in Graylog CTFs, flexing their […]

Understanding Ubuntu Logs


Linux, Debian, and Ubuntu are the Kirk, Spock, and McCoy of modern application development. The Captain Kirk, Linux, is the open-source central code for directing and talking to hardware. Debian sits as the trio’s Spock, the original distro that can be seen as more complex to install and use. As a Debian child distro, Ubuntu […]