Graylog

Threat Detection and Incident Response with MITRE ATT&CK and Sigma Rules

May 29, 2024 By Jeff Darrington In Graylog

Being a security analyst tracking down threats can feel like being the Wile E. Coyote to an attacker’s Road Runner. You’re fast, but they’re faster. You set up alerts, but they still manage to get past your defenses. You’re monitoring systems, but they’re still able to hide their criminal activities.

Read Post

Graylog

Read more about Threat Detection and Incident Response with MITRE ATT&CK and Sigma Rules

Understanding Broken Function Level Authorization

May 28, 2024 By The Graylog Team In Graylog

Application Programming Interfaces (APIs) allow your applications to talk to one another, like an application-to-application iMessage or Signal. If you’ve ever texted a message to the wrong group chat, you’ve created a situation that mimics what broken function level authentication does between users and applications.

Read Post

Graylog

Read more about Understanding Broken Function Level Authorization

Monitoring for PCI DSS 4.0 Compliance

May 23, 2024 By The Graylog Team In Graylog

Any company that processes payments knows the pain of an audit under the Payment Card Industry Data Security Standard (PCI DSS). Although the original PCI DSS had gone through various updates, the Payment Card Industry Security Standards Council (PCI SSC) took feedback from the global payments industry to address evolving security needs.

Read Post

Graylog

Read more about Monitoring for PCI DSS 4.0 Compliance

What is the MITRE ATT&CK framework?

May 9, 2024 By Jeff Darrington In Graylog

As a kid, treasure hunts were fun. Someone gave you clues and a map so you could hunt down whatever hidden item they left for you. However, as a security analyst, your incident investigations often have clues but lack a map. An alert fires. You search through your vast collection of log data. You hope to find the next clue while trying to figure out the attacker’s next steps.

Read Post

Graylog

Read more about What is the MITRE ATT&CK framework?

From the Desk Of the VP of Product - Delivering on the Promises of SIEM

May 7, 2024 By The Graylog Product Team In Graylog

I’m thrilled to share some incredibly exciting news – Graylog’s v6.0 is officially here! It’s been quite the journey getting to this point, filled with late nights, endless cups of coffee, and an unwavering commitment from our amazing team. As we unveil this latest version, I can’t help but reflect on how far SIEM technology has come over the past two decades. Gone are the days when Intellitactics and NetForensics reigned supreme.

Read Post

Graylog

Read more about From the Desk Of the VP of Product - Delivering on the Promises of SIEM

Top 5 Myths About API Security and What To Do Instead

Apr 15, 2024 By Graylog In Graylog

Discover the top five myths about API security and learn the effective strategies for protecting your digital assets. Understand why attacks are common, the limitations of perimeter security, and the importance of a zero trust model in this comprehensive overview. Uncover the realities of API security, from the prevalence of attacks to the challenges of relying on perimeter defenses. Learn why a zero trust approach and better developer engagement are key to robust API protection.

View Video

Graylog

Read more about Top 5 Myths About API Security and What To Do Instead

Graylog V6 and SOC Prime: Cyber Defense with MITRE Framework Webinar

Apr 11, 2024 By Graylog In Graylog

Insights from Graylog and SOC Prime Join us for an exclusive session where we unveil the integrations between Graylog, a comprehensive log management solution, and SIEM, and SOC Prime’s Platform for collective cyber defense. Discover how integrating these solutions transforms your approach to security, providing a robust foundation for crisis management and resilience against cyber threats.

View Video

Graylog

Read more about Graylog V6 and SOC Prime: Cyber Defense with MITRE Framework Webinar

Three Ways To Remove Complexity in TDIR

Apr 11, 2024 By The Graylog Team In Graylog

Gartner identified security technology convergence as one of the key trends both in 2022 and 2023 as a necessity to remove complexity in the industry. Especially for Threat Detection and Incident Response (TDIR), simplification continues to resonate with cyber teams overwhelmed by too many tools and the continuous cutting and pasting from one tool to another.

Read Post

Graylog

Read more about Three Ways To Remove Complexity in TDIR

The Ultimate Guide to Sigma Rules

Apr 9, 2024 By Jeff Darrington In Graylog

In cybersecurity as in sports, teamwork makes the dream work. In a world where security analysts can feel constantly bombarded by threat actors, banding together to share information and strategies is increasingly important. Over the last few years, security operations center (SOC) analysts started sharing open source Sigma rules to create and share detections that help them level the playing field.

Read Post