Okta + LAPSUS$ Security Incident

Mar 22, 2022 8:11:44 PM / by Eric Capuano posted in Incident Response, Monitoring, Logging, Cloud, SSO

As many in the industry are now aware, Okta experienced a form of security breach back in January which the wider industry was unaware of until screenshots obtained by the LAPSUS$ group were posted on Twitter on March 21st, at 10:15pm CDT.

Read More

Detecting Threats with Graylog Pipelines - Part 3

Jan 15, 2021 2:14:00 PM / by Eric Capuano posted in Incident Response, Operations, SecOps, Security, SOC, InfoSec, Threat Hunting, Monitoring, Graylog

Now that we've normalized and enriched our events, let's get into the actual threat detection logic that brings SIEM-like features to open source Graylog.

Read More

Detecting Threats with Graylog Pipelines - Part 2

Jan 4, 2021 5:01:00 PM / by Eric Capuano posted in Operations, SecOps, Security, SOC, InfoSec, Monitoring, Graylog, Logging

In my previous post, I explained the fundamental purpose and use cases of pipelines in Graylog – now let's move towards some more advanced topics.

Read More

Detecting Threats with Graylog Pipelines - Part 1

Dec 31, 2020 5:16:00 PM / by Eric Capuano posted in Operations, SecOps, Security, SOC, InfoSec, Monitoring, Graylog, Logging

If you are here hoping to learn more about using Graylog for the purpose of monitoring the security posture of your organization, strap in – it's about to get real.

Read More