Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

graylog

How Graylog Uses Explainable AI to Help Security Teams

Oct 20, 2025 By Jeff Darrington In Graylog
Security teams face an endless stream of alerts, false positives, and investigation backlogs. Every second counts, yet many AI-driven tools promise to handle everything for you that leaves analysts uncertain about how conclusions were made. Graylog takes a different path. The company develops assistive AI that helps analysts make faster, smarter calls with context, transparency, and control. No black boxes. No mystery logic.
Read Post

Logs & Lattes: Episode 2 - From Noise to Action: Smarter Security Ops That Reduce Risk

Oct 16, 2025 By Graylog In Graylog
Security teams are overwhelmed by alerts, but which ones really matter? In this episode of Logs & Lattes, host Palmer Wallace talks with Rich Murphy, Senior Product Manager at Graylog, about how smarter security operations help teams cut through the noise and focus on what truly reduces risk. From alert fatigue to risk-first response, they unpack practical ways to prioritize real threats, automate with context, and make incident response faster and more effective. Learn how modern SOCs are evolving beyond alert overload to focus on meaningful, risk-based action.
View Video
graylog

From Tool Sprawl to One Platform: How Graylog Simplifies Security Visibility

Oct 16, 2025 By The Graylog Team In Graylog
Security operations are buried under too many tools. Analysts switch between consoles, piece together context by hand, and burn valuable hours reconciling data that should already work together. According to Gartner, security leaders use an average of 19 different tools, and 80% say this level of complexity creates blind spots. This fragmentation slows down detection and response, drives up costs, and wears out teams that are already stretched thin.
Read Post
splunk

Splunk Ranked Number 1 in the 2025 Gartner Critical Capabilities for Security Information and Event Management Use Cases

Oct 16, 2025 By Olivia Henderson In Splunk
In addition to Splunk’s recognition as an 11-time Leader in the 2025 Gartner Magic Quadrant for Security Information and Event Management (SIEM), we are honored to announce that Splunk has been ranked as the SIEM solution in all three Use Cases for the second consecutive time in the 2025 Gartner Critical Capabilities for Security Information and Event Management report.
Read Post
splunk

Static Code Analysis: The Complete Guide to Getting Started with SCA

Oct 14, 2025 By Shanika Wickramasinghe In Splunk
Static code analysis wasn’t always built into the development process. That means most bugs were detected during testing, after the code was already merged and deployed. By that point, fixing issues was time-consuming, expensive, and risky. Small mistakes slipped into production. Security gaps widened and quality suffered. Static analysis shifts all of that left by bringing security and quality checks into the earliest stages of development.
Read Post
datadog

Monitor OCI Audit Logs with Datadog Cloud SIEM

Oct 13, 2025 By Vera Chan In Datadog
Oracle Cloud Infrastructure (OCI) provides compute, storage, networking, and database services for running enterprise applications and workloads in Oracle. OCI supports both traditional and cloud-native applications, offering scalable, secure, and high-performance infrastructure for hybrid and multi-cloud environments. Securing workloads in OCI can be complex for organizations managing a mix of on-prem, hybrid, and cloud environments.
Read Post
splunk

Build the SOC of the Future with Splunk and Cisco

Oct 10, 2025 By Drew Gibson In Splunk
I’m not one to blog, but speaking with clients, peers, and colleagues, I often hear statements like “SIEM is dead” or “this is the SOC of the future.” So what do they really mean? Honestly, I’m not entirely sure either — there are so many conflicting viewpoints and ways of addressing this.
Read Post

The Lost Payload: MSIX Resurrection

Oct 9, 2025 By Splunk In Splunk
MSIXBuilder transforms what was traditionally a complex, multi-tool process into a single automated workflow that mirrors actual attacker techniques. By automatically handling certificate lifecycle management, dependency resolution, and package signing, the tool removes the technical barriers that previously prevented security teams from creating realistic test scenarios. This means defenders can quickly generate both signed and unsigned MSIX packages to validate their AppXDeployment event log coverage, confirm detection rules, and build detection coverage that actually works against real-world threats.
View Video
graylog

SIEM's Next Chapter: Evolving, Not Dying

Oct 9, 2025 By Jeff Darrington In Graylog
The obituary for SIEM has been written more than once. The latest headline from Dark Reading calls it “dying a slow death.” Catchy. But wrong. If you work in a SOC, you already know the need for centralized, contextualized visibility is not going anywhere. What is changing the future of SIEM, is how SIEM delivers it. If you are still thinking of SIEM as a clunky, high-cost log hoarder, you are stuck in the wrong decade.
Read Post
splunk

Incident Command Systems: How To Establish an ICS

Oct 8, 2025 By Joseph Nduhiu In Splunk
Standardizing the management and coordination of incident response and resolution activities across different independent agencies is challenging. As part of its mission to help people before, during, and after disasters, the Federal Emergency Management Agency (FEMA) created the Incident Command System (ICS) as one of the components of the National Incident Management System (NIMS).
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.