EventSentry Troubleshooting: Reducing the number of email notifications
How to reduce the number of email alerts.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
SIEM
The latest News and Information on Security Incident and Event Management.
API Management: Using Runtime API Security to Enhance API Lifecycle Processes
As I look at the range of API Management approaches that are recommended by various analysts, pundits, and vendors, I find it interesting that most don’t really know how to address “security” in the context of API management. In high-level API lifecycle management diagrams securing APIs is rarely called out visually, although it may be addressed briefly in an accompanying paragraph.
Hardening Graylog Encryptify Your Log Supply
Graylog Support Engineer Will Trelawny shares invaluable insights into enhancing Graylog security through encryption and authentication using transport layer security (TLS). He provides an in-depth and easy-to-follow walkthrough on setting up Graylog deployment configurations, encrypting communications, authenticating nodes, and securing the OpenSearch backend. The video also includes practical demonstrations on why and how to encrypt logs, authenticate log sources, and secure communication with OpenSearch. This video is an excellent resource for anyone looking to strengthen their Graylog security measures.
SIEM, Simplified
Do you need better insight into the overall state of your network security? Take a step back and look through the larger lens of the SIEM solution. Security information and event management (SIEM) is an approach to security management that combines two aspects: Coined in 2005 by Amrit Williams and Mark Nicolett of Gartner, the term SIEM now serves as a synonym for the gathering, analyzing, and presenting network and security information as well as external threat data and vulnerability management.
Sponsored Post
Predict the Future! A universal approach to detecting malicious PowerShell activity
So, here’s the deal with AntiVirus software these days: It’s mostly playing catch-up with super-fast athletes — the malware guys. Traditional AV software is like old-school detectives who need a picture (or, in this case, a ‘signature’) of the bad guys to know who they’re chasing. The trouble is, these malware creators are quite sneaky — constantly changing their look and creating new disguises faster than AntiVirus can keep up with their photos.
Feeding Your First SIEM with Graylog
Before diving into our blog post topic, allow me to introduce myself. My name is Joel and I work with the solution engineering team at Graylog. Our primary task is to work with our customers and prospective clients on how to manage and make the most out of Graylog in their respective IT environments. One of our main tasks is to identify the logs sources they should incorporate and the kind of volumes they should anticipate.
M-21-31 logging compliance: Overcoming the 3 top challenges
How US federal agencies can better meet advanced event logging requirements Recently, the US Government Accountability Office (GAO) released a study tracking US federal agencies’ progress on meeting the requirements set out in OMB M-21-31. Released in 2021, the Office of Management and Budget (OMB)’s M-21-31 memorandum provided guidance and requirements for federal agencies in order to improve centralized visibility into logging data before, during, and after cybersecurity incidents.
NIS2: Prepping your cybersecurity plan
If you are an organisation that operates or does business in the European Union (EU), then your team is likely preparing for the NIS2 Directive, an EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU and goes into effect on October 17, 2024. However, according to a survey by cybersecurity firm Sailpoint (and a Sumo Logic customer), only 34% of organisations in the UK, France, and Germany are prepared for NIS2.
Mashing Bananas What to Feed Your First SIEM
Solutions Engineer Joel Duffield runs you through the important food for your SIEM.
What Goes Into the Cost of a SIEM?
As we’ve covered before, SIEMs are an expensive tool. The average enterprise-level SIEM deployment costs over £15 million a year, and operating a small, 100 to 1000-seat SIEM will still run up bills of over £10k monthly. SIEMs create spiralling costs that eat security budgets. Without a skilled team operating them, they can also make organisations less secure despite receiving more information about their digital estates. But where do these SIEM costs come from?