Security operations teams are under sustained pressure. Alert volumes continue to rise, environments grow more distributed, and experienced analysts remain scarce. Much of the industry conversation around AI focuses on
Security operations teams are under sustained pressure. Alert volumes continue to rise, environments grow more distributed, and experienced analysts remain scarce. Much of the industry conversation around AI focuses on
Sigma rules have become the security team equivalent of LEGO bricks and systems. With LEGO, people can build whatever they can imagine by connecting different types of bricks. With Sigma
Like most organizations, your company likely invested in various Microsoft products. The Microsoft ecosystem provides businesses with nearly every kind of technology necessary, from workstation operating systems to Azure to
Graylog has always been associated with log management, metrics, SIEM and security monitoring—but it’s also a great tool for creative, low-cost experiments in a home lab. I wanted to use
2025 exposed a shift that had been forming for years. Security operations were not slowed by limited visibility or weak tooling. They were slowed because the effort required to interpret
The Ransomware-as-a-Service (RaaS) ecosystem has changed the look and shape of modern day ransomware attacks. Malicious actors typically view their cybercrimes as a business, hoping to make the most amount
On April 8, 2025, the National Security Division (NSD) of the US Justice Department (DOJ) implemented the Data Security Program (DSP). The DSP addresses threats outlined by the 2024 Executive
Security teams face a critical question: “What logs should we collect, and what detections should we enable to protect against threats targeting our industry?” For a bank in the northeast,
If Darth Vader and the rest of the Empire made one major strategic mistake, it was failing to understand the important role that the human element plays in security. Convinced
A security information and event management (SIEM) solution aggregates and correlates data from across the organization’s complex, interconnected environment. Modern enterprise IT consists of decentralized users and applications that require
Tax season is notoriously most people’s least favorite time of year. For people who complete their own tax returns, the process becomes an agonizing one of looking at small pieces
The irony of being an adult working in IT and security is that where having your head “in the clouds” was inappropriate as a child, today most of your activities
Security leaders spent most of the past year testing AI driven security automation. Many discovered that the promise of fully autonomous SOC operations collided with the reality of hallucinations, opaque
Subscribe to the latest in log management, security, and all things Graylog blog delivered to your inbox once a month.
Subscribe to the latest in log management, security, and all things Graylog blog delivered to your inbox once a month.
