The Graylog Blog
Phight the Phish
To continue to fight the good fight, security analysts need cybersecurity awareness training around how to optimize their log management strategies so that they can keep pace with threat actors.
Security Analytics is a Team Sport
There’s no single tool or security concept that will have a greater impact on the overall cyber landscape than making security analytics a team sport. Here’s our reasons and recommendations for taking a more collaborative, company-wide approach to cybersecurity.
Security Hygiene - Why Is It Important?
Despite best intentions, organizations focus more on cybersecurity than security hygiene. As threats become more numerous and diverse, here’s how fixing the relationship between cybersecurity and security hygiene better protects your organization.
Bolster OT Security with Graylog
Many organizations struggle to secure OT assets like pumps, turbines, and generators. Graylog can help by discovering key asset information that informs security strategies, quantifying and supporting OEM negotiations, empowering backup strategies that mitigate ransomware, and delivering the insights of AI security solutions to the rest of the security architecture.
How to Proactively Plan Threat Hunting Queries
As your security capabilities improve with centralized log management, you can create proactive threat hunting queries for proactive planning. Setting baselines, determining abnormal behavior, and choosing an attack framework helps you mitigate risk and respond to incidents.
Security Log Management Done Right: Collect the Right Data
Nearly all security experts agree that event log data gives you visibility into and documentation over threats facing your environment. Even knowing this, many security professionals don’t have the time to collect, manage, and correlate log data because they don’t have the right solution. The key to security log management is to collect the correct data so your security team can get better alerts to detect, investigate, and respond to threats faster.
Executive Orders, Graylog, and You
On May 12, 2021, President Biden released the “Executive Order on Improving the Nation’s Cybersecurity” (the Executive Order) prompting many organizations to ask, “What does this mean for me?” One of Graylog’s essential functions is to help you monitor your threat landscape. Read on to find out how we provide the visibility you need to understand what is happening on (and to) your IT infrastructure to better understand where to focus your efforts.
Triaging Log Management Through SIEMS
While all cybersecurity professionals agree that log management is integral for robust proactive and reactive security, managing the enormous amount of data logs can be a challenge. While you might be tempted to collect all logs generated from your systems, software, network devices, and users, this “fear of missing out” on an important notification ultimately leads to so much noise that your security analysts and threat hunters cannot find the most important information.
Event Log Management for Security and Compliance
Every action in an organization’s network generates event data, including records produced by operating systems, applications, devices, and users. By following best practices for event log management, you can enhance your cybersecurity posture and enable a more robust compliance program.
Detecting Security Vulnerabilities with Alerts
Every day we discover new vulnerabilities in our systems, cracks in the fence the adversaries take advantage of to get into your organization and wreak havoc. Alerts from centralized log management can give advance notice of an attack or alert you when they are going on.
Using Event Logs To Tighten Up Security
A huge volume of our personal and financial data depends on software code and databases. All of this information is stored in event logs, which is why having a dedicated log management tool is so important to IT security.
The Importance of Historical Log Data
Centralized log management brings valuable information to one place. See how Graylog helps you use historical data to get more concrete insights.
Strengthening cybersecurity with log forensic analysis
Forensic analysis is a highly reliable approach to enforce a strong cybersecurity posture and can be made even more scientific when coupled with wise log management.
Improving IoT security with log management
We know we can strengthen IoT security with a wise log management strategy. But how can we leverage these event logs to improve the cybersecurity of these often extremely vulnerable access points to our systems?
Reporting Up: Recommendations for Log Analysis
This post covers useful categories of information to monitor and report that indicate potential security issues.
How Can the Right Log Aggregator Help Your Enterprise?
The right log aggregation tools can go a long way towards maintaining and improving an existing system easily and efficiently.
Top Use Cases for Log Analysis
There is a wide scope of use cases for log analysis - from tackling security and performance issues head-on to enhancing the quality of your services. This post discusses these use cases in more detail.
Why is Log Management Important?
Today, every important action that occur on our computers, mobile phones, and tablets is logged somewhere, so employing a proper log management solution is now more crucial than ever before.
Investigating the RCE attack that knocked out 900,000 German routers on Sunday
900,000 Deutsche Telekom customers recently suffered repetitive network outages. Could this be a mass-scanning attack similar to how the Mirai botnet was formed?