The Graylog Blog


Tools for Threat Hunting and IT Service Risk Monitoring

April 19, 2022

The same tools you use for IT service monitoring can be used for cyber threat hunting.

Use Service Design in Operations Management to Enhance Security

April 12, 2022

Using service design in operations management can enhance security and increase ROI.

Building Your Security Analytics Use Cases

March 31, 2022

Building your security analytics use cases in advance helps level up your security posture faster.

Cybersecurity Risk Management: Introduction to Security Analytics

March 29, 2022

With security analytics, you can create a data-informed cybersecurity risk management program.

CIS Control Compliance and Centralized Log Management

March 24, 2022

The CIS Controls create a scalable, flexible maturity model framework for all-sized companies.

Centralized Log Management and NIST Cybersecurity Framework

March 21, 2022

NIST CSF is a risk-based, flexible framework, and centralized log management can help maintain compliance.

Monitoring Endpoint Logs for Stronger Security

January 19, 2022

The massive shift to remote work makes managing endpoint security more critical and challenging. To be successful, you need to secure your endpoints. High-fidelity endpoint log monitoring capabilities can help you do that. 

Graylog Insights -- How 2021 Will Shape 2022

January 11, 2022

Many of the challenges companies faced in 2021 aren’t going anywhere. In 2022, common security problems will be variations on previous issues. To move forward with confidence, you want to be prepared for what you know and ready to face and overcome those security challenges you haven’t yet encountered.

Graylog Update for Log4j

December 10, 2021

Quick update to say that Graylog (and Elastic), in their default configuration, are not vulnerable to the DoS issue that was addressed in the Log4j 2.17.0 release on 12/19/21. No mitigating actions are necessary.

Understanding business and security risk

November 17, 2021

Even if an organization has developed a governance team, aligning integration decisions with business needs must be incorporated into the zero trust architecture. The company’s business model drives the applications chosen.

Small IT Teams with Big Security Problems

October 26, 2021

Small IT teams face the same big security problems as large SOCs. They just have fewer - or no - specialists. This makes their smaller teams a bigger target for threat actors. Centralized log management gives small IT teams a way to manage both security and operations so that they can do more with less.

A CISO's Guide to Log Management for Cybersecurity

October 19, 2021

CISOs face two big problems: protecting data and reporting their activities to the Board. Log management is fundamental to protecting data, but high volumes of data generated by cloud applications make using logs difficult. With modernized log management, CISOs can get the best of both worlds: the visibility they need and the visibility they need to provide.

Phight the Phish

October 12, 2021

To continue to fight the good fight, security analysts need cybersecurity awareness training around how to optimize their log management strategies so that they can keep pace with threat actors.

The Rising Tide of Data Breach Awareness

October 5, 2021

High-profile security incidents might be making headlines, but those headlines are impacting companies’ bottom lines. Businesses need to stay aware as best practices change and start modernizing their own security infrastructures.

Be Cybersmart with Graylog

October 4, 2021

It’s that time of year when the skeletons and pumpkins are in the windows and the bad actors are lurking in the shadows of your network. Watch this space for blog posts focused on Cybersecurity Awareness. Don’t get phished by the bucket of candy. 

Security Analytics is a Team Sport

September 23, 2021

There’s no single tool or security concept that will have a greater impact on the overall cyber landscape than making security analytics a team sport. Here are our reasons and recommendations for taking a more collaborative, company-wide approach to cybersecurity.

Security Hygiene - Why Is It Important?

September 15, 2021

Despite best intentions, organizations focus more on cybersecurity than security hygiene. As threats become more numerous and diverse, here’s how fixing the relationship between cybersecurity and security hygiene better protects your organization.

Security Log Management Done Right: Collect the Right Data

May 18, 2021

Nearly all security experts agree that event log data gives you visibility into and documentation of threats facing your environment. Even knowing this, many security professionals don’t have the time to collect, manage, and correlate log data because they don’t have the right solution. The key to security log management is to collect the correct data so your security team can get better alerts to detect, investigate, and respond to threats faster.

Executive Orders, Graylog, and You

May 13, 2021

On May 12, 2021, President Biden released the “Executive Order on Improving the Nation’s Cybersecurity” (the Executive Order) prompting many organizations to ask, “What does this mean for me?” One of Graylog’s essential functions is to help you monitor your threat landscape. Read on to find out how we provide the visibility you need to understand what is happening on (and to) your IT infrastructure to better understand where to focus your efforts.

Threat Hunting with Threat Intelligence

April 6, 2021

Threat hunting that uses threat intelligence strengthens your incident response team’s ability to detect, investigate, and mitigate risk.

Red Team Tools Detection and Alerting

December 16, 2020

The Graylog alert feature can detect a signature in any log source in your organization that contains the signature/hash value. This blog post walks you through the bits of information from the YARA rules and shows how to create a rule in Graylog that alerts when an IoC is detected.

Triaging Log Management Through SIEMS

October 30, 2020

While all cybersecurity professionals agree that log management is integral for robust proactive and reactive security, managing the enormous amount of data logs can be a challenge. While you might be tempted to collect all logs generated from your systems, software, network devices, and users, this “fear of missing out” on an important notification ultimately leads to so much noise that your security analysts and threat hunters cannot find the most important information. 

Event Log Management for Security and Compliance

October 15, 2020

Every action in an organization’s network generates event data, including records produced by operating systems, applications, devices, and users. By following best practices for event log management, you can enhance your cybersecurity posture and enable a more robust compliance program.

Detecting Security Vulnerabilities with Alerts

October 8, 2020

Every day we discover new vulnerabilities in our systems, cracks in the fence the adversaries take advantage of to get into your organization and wreak havoc. Alerts from centralized log management can give advance notice of an attack or alert you when one is in progress.

Detecting & Preventing Ransomware Through Log Management

October 5, 2020

As companies responded to the COVID-19 pandemic with remote work, cybercriminals increased their social engineering and ransomware attack methodologies. Ransomware, malicious code that automatically downloads to a user’s device and locks it from further use, has been rampant since the beginning of March 2020. Detection of ransomware through log management offers one way for you to protect your systems, networks, devices, and applications for continued data security. 

The Importance of Log Management and Cybersecurity

October 1, 2020

Log management is important to cybersecurity because it provides the data needed to detect, investigate, and respond to incidents.

A Beginner’s Guide to Integrating Threat Intelligence

April 18, 2018

Companies can integrate threat intelligence into their security operations with log management.
