Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Improving IoT security with log management

The Internet of Things (IoT) revolution has set the beginning of a new age of data transfer. Each day, a massive number of new devices get added to all kinds of network infrastructures, transferring gargantuan amounts of data back and forth. In the next decade, we expect the number of IoTs to grow to a staggering 207 billion connected devices – practically outnumbering the human population tenfold.

What Does a SIEM Solution Do: Logsign Perspective

Businesses are currently witnessing improvements in cybersecurity capabilities, thanks to advancements in Artificial Intelligence (AI). However, the progress is accompanied by a parallel increase in the threat and sophistication of cyber-attacks, especially when the right event monitoring and threat detection tools are not utilized. Deloitte's latest research on security operations indicates that in 2023, 12.5% of businesses experienced more than one security event.

FedRAMP Authorization: A Value to Both Public and Private Organizations

The Federal Risk and Authorization Management Program (FedRAMP®) authorization has, for years, been seen as an arduous undertaking only for companies that want to do business with government agencies and their contractors. However, with growing cybersecurity risks, coupled with tightening data privacy regulations across industries, FedRAMP’s fundamental security requirements are becoming best practices for all organizations handling sensitive data.

3 Keys to Unlocking Data Visibility in the SOC

Although SIEMs have existed for more than 20 years, many organizations still fail to achieve full data visibility into their environments. Two problems compound this challenge. First: attack surfaces. As organizations scale their digital infrastructures and bring on new applications, the amount of data analysts need to monitor and analyze increases exponentially.

Hardening Graylog - Encryptify Your Log Supply!

Welcome to Hardening Graylog, where we will help you encryptify your log supply. In this blog post, we will explore the importance of using Transport Layer Security (TLS) to secure your Graylog deployment. We will walk you through the steps to configure Graylog with certificates and keys, secure the Graylog web interface, and protect the communication between Graylog and OpenSearch backend. By the end of this blog post, you will have a fully secure and trusted log management system.

API Management: Using Runtime API Security to Enhance API Lifecycle Processes

As I look at the range of API Management approaches that are recommended by various analysts, pundits, and vendors, I find it interesting that most don’t really know how to address “security” in the context of API management. In high-level API lifecycle management diagrams securing APIs is rarely called out visually, although it may be addressed briefly in an accompanying paragraph.

SIEM, Simplified

Do you need better insight into the overall state of your network security? Take a step back and look through the larger lens of the SIEM solution. Security information and event management (SIEM) is an approach to security management that combines two aspects: Coined in 2005 by Amrit Williams and Mark Nicolett of Gartner, the term SIEM now serves as a synonym for the gathering, analyzing, and presenting network and security information as well as external threat data and vulnerability management.
Sponsored Post

Predict the Future! A universal approach to detecting malicious PowerShell activity

So, here’s the deal with AntiVirus software these days: It’s mostly playing catch-up with super-fast athletes — the malware guys. Traditional AV software is like old-school detectives who need a picture (or, in this case, a ‘signature’) of the bad guys to know who they’re chasing. The trouble is, these malware creators are quite sneaky — constantly changing their look and creating new disguises faster than AntiVirus can keep up with their photos.

Feeding Your First SIEM with Graylog

Before diving into our blog post topic, allow me to introduce myself. My name is Joel and I work with the solution engineering team at Graylog. Our primary task is to work with our customers and prospective clients on how to manage and make the most out of Graylog in their respective IT environments. One of our main tasks is to identify the logs sources they should incorporate and the kind of volumes they should anticipate.

M-21-31 logging compliance: Overcoming the 3 top challenges

How US federal agencies can better meet advanced event logging requirements Recently, the US Government Accountability Office (GAO) released a study tracking US federal agencies’ progress on meeting the requirements set out in OMB M-21-31. Released in 2021, the Office of Management and Budget (OMB)’s M-21-31 memorandum provided guidance and requirements for federal agencies in order to improve centralized visibility into logging data before, during, and after cybersecurity incidents.