Graylog Illuminate for authentication is a brand new offering designed by our Enterprise Intelligence team. It eliminates the manual setup necessary to detect, monitor, and analyze authentication activities and issues across your IT infrastructure by providing pre-built Dashboards, Alerts, and data enrichment. Initially, Graylog Illuminate for Authentication will address Windows authentication issues and activities. We will release additional data sources in the coming weeks so stay tuned!

Graylog is an advanced log management system, capable of ingesting all of your corporate logs into a central repository for easy searching and analysis of your data.

The trend of working from home has hit the ground running, and businesses have turned to strategies and tools that will ensure a no-plummet productive environment. There are two major forks in the road when it comes to provisioning remote endpoints—users can use their own devices, or the company can hand over corporate-owned devices.

Creating security policies for the devices connected to your network is critical to ensuring that company data is safe. This is especially true as companies adopt a bring-your-own-device model and allow more personal phones, tablets, and laptops to connect to internal services. These devices, or endpoints, introduce unique vulnerabilities that can expose sensitive data if they are not monitored.

The COVID-19 virus epidemic has seen a 23% rise in visitors to UK independent ecommerce sites. On a global scale, many companies have transitioned to fully ecommerce-based business practices and are seeing an increase in online shoppers. This paradigm shift in business continuity means websites are increasingly vulnerable to being attacked.

Malware attacks are evolving and once common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware tools can now detect the presence of a foreign program or device and immediately block them.

Today we are releasing Grafana 6.7.4 and 7.0.2. These patch releases include an important security fix for an issue that affects all Grafana versions from 3.0.1 to 7.0.1.

We hosted our first ever virtual Elastic{ON} Gov Summit with one primary goal: recreate the collaboration and community-building we normally enjoy at our in-person Gov Summit in a new, virtual format. And we were humbled to be able to do just that. The event gathered more than 2,000 registered attendees from across government agencies and partners to collaborate while so many of us were social distancing across the nation.

In this post, we continue our discussion of use cases involving account take over and credential access in enterprise data sets. In the first part of this series, we introduced the definition of a VIP account as any account that has privileged or root level access to systems/services. These VIP accounts are important to monitor for changes in behavior, particularly because they have critical access to key parts of the enterprise.

The novel COVID-19 pandemic has changed the way organizations work. The sudden transition to remote work has forced organizations to look for temporary fixes to bridge the gap, leaving their endpoints exposed to an unprecedented threat landscape. Insecure internet connections, a lack of perimeter security, and the inability to implement effective security policies have made remote endpoints a breeding ground for threat actors.