Every Organization Needs Centralized Logging
Logs are on the systems, why do I need this? Because Digital Forensics & Incident Response is...
Now that we've normalized and enriched our events, let's get into the actual threat detection logic...
In my previous post, I explained the fundamental purpose and use cases of pipelines in Graylog –...
If you are here hoping to learn more about using Graylog for the purpose of monitoring the security...
Let me first say, on behalf of the Recon team, we cannot thank the community enough for joining us...
Staying on top of the latest adversarial methodologies means quickly adjusting to new TTPs and...
If you couldn't tell by now, we love Graylog. We may have mentioned them a time or two :)
TL;DR - we needed to ingest multiple sources of Cylance logs into Graylog, and this is how we did...
Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our...
To the delight of most Graylog users, geolocation is automatically built into the platform via the...