There’s no single tool or security concept that will have a greater impact on the overall cyber landscape than making security analytics a team sport. Here are our reasons and recommendations for taking a more collaborative, company-wide approach to cybersecurity.
Despite best intentions, organizations focus more on cybersecurity than security hygiene. As threats become more numerous and diverse, here’s how fixing the relationship between cybersecurity and security hygiene better protects your organization.
Many organizations struggle to secure OT assets like pumps, turbines, and generators. Graylog can help by discovering key asset information that informs security strategies, quantifying and supporting OEM negotiations, empowering backup strategies that mitigate ransomware, and delivering the insights of AI security solutions to the rest of the security architecture.
Storage is one of the most promising ways to shift from the "more is better" philosophy to the "work smarter" philosophy. Find out how Graylog can help you create strategies to virtualize your storage, ensuring that you waste as little as possible and that services always get the storage they need. You can also optimize storage, so only the most important services use SSD.
Graylog can help organizations create AI that generates key insights, detects emerging problems, and in some cases, predicts problems well before they happen.
Graylog recently discovered a Session ID leak in the Graylog DEBUG log file and audit log. This presents a risk of unauthorized privilege escalation with active and previously active session IDs running Graylog. To mitigate the issue, we have published Graylog v3.3.14, 4.0.10, and Graylog v4.1.2.
The Windows System Monitor (Sysmon) is one of the chattiest tools. With all the information coming in, it can be difficult and expensive to use it efficiently. However, the Graylog Illuminate package gives you a way to fine-tune it so that you can get better data and manage your ingestion rate better.
As your security capabilities improve with centralized log management, you can create threat hunting queries for proactive planning. Setting baselines, determining abnormal behavior, and choosing an attack framework help you mitigate risk and respond to incidents.
Nearly all security experts agree that event log data gives you visibility into and documentation of threats facing your environment. Even knowing this, many security professionals don’t have the time to collect, manage, and correlate log data because they don’t have the right solution. The key to security log management is to collect the correct data so your security team can get better alerts to detect, investigate, and respond to threats faster.
On May 12, 2021, President Biden released the “Executive Order on Improving the Nation’s Cybersecurity” (the Executive Order), prompting many organizations to ask, “What does this mean for me?” One of Graylog’s essential functions is to help you monitor your threat landscape. Read on to find out how we provide the visibility you need to understand what is happening on (and to) your IT infrastructure to better understand where to focus your efforts.
Using centralized log management for multi-cloud strategies gives you more visibility into your complex ecosystem.
Discord has grown from a platform used mainly by gamers into one that businesses use for communication. Sending log management alerts to Discord, where everyone is already collaborating, can be a major benefit to multiple teams in an organization.
Cloud IT stacks are more important to business operations than ever before. With Graylog, IT teams can collaborate when engaging in root cause analysis to ensure continued productivity.
This week in Log Management. Discover how archiving works in Graylog Enterprise.
There are times in IT environments when you might want to pause (silence) alerts so that they don't trigger unnecessary notifications, for example when you know you're going to generate specific events in your network.
Threat hunting that uses threat intelligence strengthens your incident response team’s ability to detect, investigate, and mitigate risk.
This Week in Log Management - The Graylog Web Search query is one of the most powerful features in Graylog and one of the easiest to use. Find out why.
This Week in Log Management - Are Dashboards and Reports related? What host can I use to send logs to Graylog?