Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SIEM

The latest News and Information on Security Incident and Event Management.

Sponsored Post

It's Not Black Magic: Malware & Ransomware in Plain English

It was almost exactly 10 years ago in December 2013 that we wrote our first blog post about detecting CryptoLocker, which was the first sophisticated Ransomware attack of its kind back then. BTW, 2013 was the year of the Boston Marathon bombing, Edward Snowden leaking secret NSA information, Syrians fleeing their home country and Nelson Mandela passing away.

Critical Windows Event IDs to Monitor

Like most organizations, your company likely invested in various Microsoft products. The Microsoft ecosystem provides businesses with nearly every kind of technology necessary, from workstation operating systems to Azure to Windows 365 that includes cloud-native versions of their traditional Office tools and the communication platform Teams. However, attackers are just as invested in the Microsoft ecosystem.

When 200 OK Is Not OK - Unveiling the Risks of Web Responses In API Calls

In the ever-evolving landscape of cybersecurity, where the battle between defenders and hackers continues to escalate, it is crucial to scrutinize every aspect of web interactions. While the HTTP status code 200 OK is generally associated with successful API calls, there’s a dark side to its seemingly harmless appearance that often goes unnoticed.

Announcing Graylog API Security v3.6

Graylog API Security v3.6 is here! Just taking the version number by itself, v3.6 sounds like an incremental step forward. But the truth is that v3.6 isn’t just a release milestone; it’s a huge inflection point in our mission to improve API security. There are multiple “firsts” in v3.6, which makes the total combination even more exciting.

Free API Discovery & Threat Detection Tool From Graylog!

In the fast-evolving landscape of digital connectivity, Application Programming Interfaces (APIs) play a pivotal role in facilitating seamless communication between diverse software systems. As organizations increasingly rely on APIs to power their applications, robust API security becomes paramount.

Introducing the Elastic Trust Center!

Your one-stop shop for transparent cloud security information Elastic® knows that security and compliance requirements are mandatory for regulated and non-regulated customers alike. We strongly believe in providing clear and transparent information to earn your trust in Elastic as an organization and in the services we provide. Our Trust Center is a public one-stop shop for information on security, compliance, privacy, and resiliency for Elastic and the Elastic Cloud.

Sumo Logic Cloud SIEM explainer video

Sumo Logic Cloud SIEM helps teams broaden threat visibility across the entire enterprise. With uniformity, clarity and transparency, companies can bring all their security tools together for complete visibility. Cloud SIEM automates real-time threat investigation, incident management and threat response while reducing false positives and analyst fatigue. Bring your teams together with centralized data and cloud-native scale in a SaaS Log Analytics Platform that breaks down silos.

Preventing and mitigating data loss with Graylog

If you’re handling sensitive information, dealing with data loss can be more than just a headache. Log management tools such as Graylog can enhance your incident response and management strategies, and help you mitigate the damage when a breach occurs in your database. Minimizing data loss with a fast and scalable logging solution is key if you want to bring your cybersecurity to the next level.