Here at Graylog, we have recently had an increase in conversations with security teams from leading companies. We want to share our key findings with the Graylog community. The good thing is that cybercriminals use a methodical approach when planning an attack. By understanding their process and knowing your network, you will be better prepared and able to stay one step ahead.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we discuss the merits of going hybrid in this era of distributed workforces and remote working culture. While it has become imperative for organizations to implement remote work policies, the question of cloud adoption has become almost unavoidable.

Linux is one of the best known and most used open source operating systems. The key advantages of using Linux servers are that they are stable, secure, compatible, and customizable.

This is a review of the last three years that we spent stabilizing Marathon. Marathon is the central workload scheduler in DC/OS. Most of the time when you launch an app or a service on DC/OS, it is Marathon that starts it on top of Apache Mesos. Mesos manages the compute and storage resources and Marathon orchestrates the workload. We sometimes dub it the “init.d of DC/OS”. Being such an integral part of DC/OS, we must ensure that it keeps functioning.

Accessing Windows registry (local or remote) is a typical way of gathering useful data. However, there’s a typical pitfall that can cause unexpected scripts or programs behavior. Namely, accessing registry values across different architectures (say, 64-bit entries from 32-bit applications).

It’s been shown that if you follow a proven collection of practices for developing, designing, testing, implementing, and maintaining your software, you will produce a much higher quality product. Over the past few years, we have seen an increasing number of cases of attacks on the application layer. The Open Web Application Security Project, OWASP, estimates that around one-third of web applications contain security vulnerabilities.

Different IT organizations have different needs. The one-man shop might find the best success with open-source software, while enterprises often need something a little more. But occasionally you’ll see an enterprise using open-source or something designed for a small to medium-sized business. This can be a good thing in certain instances, though it’s not without risks. So, why might you want to use SMB or open-source gear in an enterprise setting, and when might it be a good thing?

Technology has a way of circling around to the same ideas over time, but with different approaches that learn from previous iterations. Service Oriented Architecture (SOA) and Microservices Architecture (MSA) are such evolutionary approaches. Where lessons learned made sense, they were reused; and where painful lessons were learned, new methods and ideas were introduced.

Following the release of Azure Monitor for VMs in January 2020, some changes have been made to how its performance data is stored in Log Analytics. The most significant of these changes is that this data is now stored in the InsightsMetrics table rather than in the Perf table, as we discussed in our ‘What is Azure VM Insights?’ article.

In one of our recent posts, we provided insights on how companies can move from traditional, basic infrastructure monitoring to more advanced monitoring. For many companies, basic monitoring and alerting is just not enough anymore. Staying competitive by deploying new features faster while providing the seamless experiences customers expect requires a more sophisticated monitoring analytics strategy.