Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

There are lots of hurdles to jump when trying to set up and maintain a SIEM. Preparing infrastructure and installing the software components, getting logs ingested into the system, parsing and normalizing those log messages properly, configuring alerts for detection, etc. These are all large tasks that require thoughtful planning and a lot of work to get right. But let’s say you’ve managed to clear all those hurdles…in that case, great job!!

Imagine compliance is like a driving application. You know your location and you plug in the destination address, then it shows you the route’s overview. If you want a more specific map, you can zoom in a bit and get more details. Similarly, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and it’s most recent revision provide the overview roadmap for your compliance journey.

Devices, applications, and systems logs are needed to detect, analyze, and mitigate cybersecurity threats. Logs in a SIEM are like gold; they are both valuable. Gold is part of the economy, and logs are part of the IT ecosystem and are the foundation for cybersecurity. Here’s why they compare to liquid gold!

Let’s talk about a less discussed but critical aspect of Security Information and Event Management (SIEM) – data management. While the primary goals of SIEM include threat detection, regulatory compliance, and swift response, the backbone of these systems is log message ingestion and storage. The amount of machine data generated from various systems, applications, and security tools is staggering. Storing and processing this data can be costly and inefficient.

APIs form the backbone of modern digital systems, enabling seamless data exchange and integration. However, their critical role also makes them attractive targets for cyber threats. Traditional security measures often fail to address API-specific challenges effectively. Graylog API Security Content Pack emerges as a game-changer, reimagining API defense through innovative threat detection and response approaches.

On a Friday afternoon at 5 PM, you’re cruising along the backroads in your car, listening to your favorite music. You’re on vacation and making excellent time to your destination until you notice the long stream of red tail lights a few miles ahead. After sitting in standstill traffic for over an hour, you realize that highway construction created a detour to the two-lane backroad that you were using to skip the rush hour traffic.

Imagine you have a backpack with a granola bar buried at the bottom and a tenacious tiny dog who loves snacks. Even though the dog shouldn’t be able to reach that granola bar stored away carefully, it managed to open a zipper and snoop through the contents to eat the snack. From an IT environment standpoint, Application Programming Interfaces (APIs) are the backpack carrying sensitive – but appealing to attackers – data.

Illuminate 5.1.0 is now available, bringing substantial improvements to our compliance capabilities. This update represents a significant step forward, with NIST 800-53 as the cornerstone of our compliance framework. Let’s explore the key features and improvements implemented to support your organization’s security and compliance needs. Important Note: To run Illuminate 5.1.0, your environment must run Graylog 6.0 or higher.

Whether you’re a Halloween or comic con fan, dressing up as your favorite character is something you’ve probably done at least once in your life. As a kid, you were excited to put on that flimsy Batman mask and cape, thinking you looked just like the hero you saw on the movie screen. As an adult, getting or making the most move-accurate costume may allow other people to think that you are the actor in disguise.

In today’s cyber threat landscape, almost everyone is one bad day away from a security incident. While not every incident becomes a data breach, security teams need to be prepared for anything. Just like that one friend who has a spreadsheet to help them organize the minute tasks associated with a project, security teams need to have a prepared list of steps to take during an incident.