Latest News

Meet EO 14028 requirements with Datadog Log Management, Cloud Workload Security, and Cloud SIEM

Mar 1, 2024 By Thomas Sobolik In Datadog

As of August 2023, only 3 out of 23 US government agencies were compliant with Office of Management and Budget (OMB) requirements for log management and security observability. These requirements are outlined in M-21-31, a 2021 memorandum that was issued following Executive Order 14028 on improving national cybersecurity. Until all of these agencies implement the new requirements, the federal government’s ability to fully detect, investigate, and remediate cybersecurity threats will be constrained.

Read Post

Datadog

Read more about Meet EO 14028 requirements with Datadog Log Management, Cloud Workload Security, and Cloud SIEM

DevSecOps best practices for UK businesses

Feb 29, 2024 By Chas Clawson and Janet Alexander In Sumo Logic

We recently spoke to a focus group of security professionals, software engineers and developers for a discussion on DevSecOps. We’ve quoted a few of them throughout this article.

Read Post

Sumo Logic

Read more about DevSecOps best practices for UK businesses

Strengthening small utilities: The power of public-private partnership

Feb 16, 2024 By Bill Wright In Elastic

In the wake of recent cyber attacks against US water utilities, the vulnerability of local entities dependent on operational technology (OT) has been starkly highlighted. This danger was further emphasized last week when Congress held a hearing titled Securing Operational Technology: A Deep Dive into the Water Sector. Witnesses at the hearing painted a stark picture of the significant cybersecurity risks facing small utility companies today.

Read Post

Elastic

Read more about Strengthening small utilities: The power of public-private partnership

Tyk Gateway API Calls To Graylog API Security

Feb 15, 2024 By The Graylog Team In Graylog

Application Programming Interfaces (APIs) are the backbone of modern software development, enabling seamless communication between various systems and services. As organizations increasingly rely on APIs to power their applications and services, the need for robust API management and monitoring solutions becomes paramount. Capturing API calls and gaining insights into their behavior can significantly enhance the development, troubleshooting, and security of APIs.

Read Post

Graylog

Read more about Tyk Gateway API Calls To Graylog API Security

The future of cybersecurity: AI and SIEM working together

Feb 14, 2024 By SecuritySenses In SecuritySenses

Imagine a world where your digital security isn't just a tall wall guarding against intruders but a sophisticated AI sentinel, always learning, always adapting. That's the world we're zooming into when we talk about the convergence of AI and Security Information and Event Management (SIEM) systems. This fusion is not just a fancy addition to the cybersecurity toolset; it's rapidly becoming a necessity for businesses that seek to stay ahead in this grand digital chess game against cyber threats. You should consider Exploring the Essentials of SIEM for Business Security further to help you understand better.

Read Post

SecuritySenses

Read more about The future of cybersecurity: AI and SIEM working together

Optimizing the Value of Amazon Security Lake

Feb 13, 2024 By Jeff Darrington In Graylog

So many logs. So little space. If you’re like most people running an Amazon Web Services (AWS) environment, then you probably have a vast collection of log files that include things like VPC flow logs and CloudWatch data. As if that’s not enough, you’re also collecting information about everything and everyone else connected to your cloud, like users, devices, network devices, applications, and APIs.

Read Post

Graylog

Read more about Optimizing the Value of Amazon Security Lake

It's Not Black Magic: Malware & Ransomware in Plain English

Feb 12, 2024 By ingmar.koecher In EventSentry

It was almost exactly 10 years ago in December 2013 that we wrote our first blog post about detecting CryptoLocker, which was the first sophisticated Ransomware attack of its kind back then. BTW, 2013 was the year of the Boston Marathon bombing, Edward Snowden leaking secret NSA information, Syrians fleeing their home country and Nelson Mandela passing away.

Read Post

EventSentry

Read more about It's Not Black Magic: Malware & Ransomware in Plain English

Critical Windows Event IDs to Monitor

Feb 7, 2024 By The Graylog Team In Graylog

Like most organizations, your company likely invested in various Microsoft products. The Microsoft ecosystem provides businesses with nearly every kind of technology necessary, from workstation operating systems to Azure to Windows 365 that includes cloud-native versions of their traditional Office tools and the communication platform Teams. However, attackers are just as invested in the Microsoft ecosystem.

Read Post

Graylog

Read more about Critical Windows Event IDs to Monitor

When 200 OK Is Not OK - Unveiling the Risks of Web Responses In API Calls

Feb 5, 2024 By Jeff Darrington In Graylog

In the ever-evolving landscape of cybersecurity, where the battle between defenders and hackers continues to escalate, it is crucial to scrutinize every aspect of web interactions. While the HTTP status code 200 OK is generally associated with successful API calls, there’s a dark side to its seemingly harmless appearance that often goes unnoticed.

Read Post