Skip to content

Graylog Redefines SIEM with More Efficient and Effective Threat Detection

Graylog Introduces Advanced Data Routing to Align Costs with Data Value

HOUSTON – October 21, 2024 Graylog, a leader in Threat Detection, Investigation, and Response (TDIR), today unveiled significant security advancements to drive smarter, faster, and more cost-efficient security operations. The company’s latest capabilities include advanced data routing, asset-based risk scoring, and AI-generated investigation reports. 

These enhancements, and many others in the Fall 2024 release, help organizations realign their time and financial investment with security objectives, empowering security teams to confidently reduce risk. With a detailed understanding of the threat landscape at both user and system levels, Graylog enables organizations to make more informed decisions about their security posture and respond more effectively to potential threats.

Exclusive to Graylog is its native advanced data routing that enables practitioners to send lower-value “standby” data to inexpensive storage before it is indexed by Graylog. Standby data is available for retrieval into Graylog for future incident investigations. This classification shifts the typical SIEM license model to more accurately align with the overall value of the data. Security and IT operations teams can now invest time and money in the value of the data sent, processed, and stored while minimizing the number of technology solutions managed.

“A challenge with SIEMs has been the need to bring in all the data from log sources as if all the log messages are of equal value,” said Seth Goldhammer, vice president of product management at Graylog. “Of course, if a log message is dropped, it is gone forever. Our new data routing removes this compromise, allowing practitioners to bring in all the data and only pay for the log messages delivering value.” 

Graylog’s asset-based risk modeling finds related security events across attack surfaces and prioritizes what should be investigated with context such as vulnerability state, variance, and API risk. Instead of thousands of daily alerts requiring individual triage and investigation, Graylog prioritizes the high-risk users and systems for security analysts, grouping together multiple alerts and context to expedite the investigation

Graylog’s Fall 2024 release includes a timeline visualization of events and leverages GenAI to summarize these details, including impact analysis, into an incident response report to further aid with those investigations and save analyst time.

To learn more about these new capabilities, attend Graylog’s free virtual user conference, Graylog GO, which will be held Oct. 23 – 24. 

About Graylog  
At Graylog, our vision is a secure digital world where organizations of all sizes can effectively guard against cyber threats. We’re committed to turning this vision into reality by providing Threat Detection & Response that sets the standard for excellence. Our cloud-native architecture delivers SIEM, API Security, and Enterprise Log Management solutions that are not just efficient and effective—whether hosted by us, on-premises, or in your cloud—but also deliver a fantastic Analyst Experience at the lowest total cost of ownership. We aim to equip security analysts with the best tools for the job, empowering every organization to stand resilient in the ever-evolving cybersecurity landscape.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

How do password managers work?

Security guidelines state that all accounts, regardless of their importance, should use unique and complicated passwords. Unfortunately, the burden of juggling different accounts with long passwords that are difficult to keep track of or enter without typos leads to people settling for simpler, repetitive, and far less resilient passwords. 

This struggle can be easily solved once you know how password managers work to support your credential handling. Whether it’s a built-in browser password manager or a dedicated third-party tool, they let you conveniently keep track of your credentials without losing out on that security factor. Let’s look into how password managers actually work, what features they may offer, and what makes them a safe choice to store all sensitive details in one place.

What is a password manager?

Password managers are pretty self-explanatory—they’re tools that let you store and manage your login credentials. They do the heavy lifting for you by storing your essential login information, such as your usernames, passwords, and email addresses.

Even if the term doesn’t ring a bell, chances are you’ve already used one before. Browsers like Chrome, Firefox, and Opera have built-in password managers that let you save your login details, saving you time whenever you need to log in. Third-party password managers are generally regarded as a more secure alternative to their browser counterparts.

What does a password manager do?

The primary purpose of a password manager is to provide secure storage for sensitive information. This is achieved through encryption—the process of scrambling data so that it can only be accessed if you have the right key to decipher it. A password manager like NordPass encrypts information on your device and, once it’s scrambled, sends it to the servers for safekeeping. This helps ensure that even in the case of a breach, the data is not accessible to unauthorized parties in plaintext.

As for the data itself—despite the name, password managers are not limited to passwords alone. They also provide storage for email addresses, personal addresses, ID information, banking details, and any other sensitive data that you want to keep safe. Password managers can even provide storage for passwordless solutions—NordPass lets its users store and manage passkeys.

Secure storage is just the tip of the iceberg. By now, password generators are a basic requirement for both browser-based and standalone password managers. Password generators help easily create unique and complex passwords that meet the standards of various security protocols. Instead of coming up with a password yourself, you can have the password manager generate a random, one-of-a-kind string of characters for you.

Password managers can take the chore out of finding the right password for the right account. Although you can use the vault search function or sort your credentials alphabetically when you need them, password managers eliminate this manual step altogether with autofill. This function instantly finds the login credentials you need and inputs them for you, instantly letting you access your account. Additionally, autosave detects whenever you’re entering credentials that aren’t in your vault and lets you store them without needing to type them out yourself.

 

Family password management

We usually focus on the benefits password managers offer to individuals. But did you know that you can share this tool with your friends and family and keep your entire closest circle protected online?

A password manager facilitates secure and convenient credential sharing. Imagine a family of five using a single Amazon account but scattered across different households. Using a password manager like NordPass, they can securely juggle access to the shared account. No need to send an unencrypted text message, a screenshot, or spell it out over the phone—you can simply select the password you want to share, who you want to share it with, and what access permissions you want to grant.

Managing passwords within a family is also convenient for broader security. Setting up a NordPass Family account grants access to Premium features like the Data Breach Scanner, which tracks the dark web for any signs of leaked personal information, and Password Health, which lets you know if any of your passwords are old, weak, or reused.

Multiply that by six, and you have your family’s cybersecurity sorted. And don’t forget, a family password manager doesn’t mean it has to be your relatives only—you can bring your spouse or friends along for the ride.

Business password management

Have you ever given in to the temptation to reuse one of your personal passwords for a work-related account to save time? It wouldn’t be surprising—between juggling accounts for personal and professional use, an average person has to handle 168 and 87 passwords, respectively.

A business password manager is here to keep things simple and separate personal and work credentials. It helps organizations optimize their workflows and implement centralized password usage policies that uphold high security standards.

Many features related to corporate credential security are handled from the admin side of password managers. For example, using NordPass, security managers can establish password strength requirements, such as password length, use of special characters, and frequency of updates.

Companies can set up extra layers of security, like multi-factor authentication, across the company. Additionally, NordPass offers a built-in Authenticator, allowing employees to easily generate two-factor codes for their work accounts and access login credentials all in one place.

As for employees themselves, they can handle their work-related accounts, such as corporate emails, social media communications, or banking. They can also securely share credentials with their colleagues or clients for collaboration.

NordPass allows Business users to control their shared access permissions to maintain data security. No need to fear losing track of what’s been shared—the Activity Log gives a clear overview of who created, edited, or granted access to credentials.

How to use a password manager

The hardest step in getting started with a password manager is finding the right one for you. The core will be similar everywhere—all you need to do is create an account, set up a master password, and add credentials to your encrypted vault. And if you’re looking for additional security for your cyber life, look no further than NordPass.

Whether you’re looking to cover your own personal needs, handle sensitive work-related data, or share passwords more securely with your friends and family, NordPass offers something for everyone. It’s built on zero-knowledge architecture and uses XChaCha20 encryption to provide a high level of security for both your personal and professional sensitive data. Start your hassle-free digital life with NordPass—a password manager that puts convenience first without compromising your security.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About NordPass
NordPass is developed by Nord Security, a company leading the global market of cybersecurity products.

The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

Penta Security Enhances Asian Market Presence through Strategic Partnership with Version 2 Digital

Penta Security, a leading global provider of web, data, and IoT security solutions, proudly announces its strategic partnership with Version 2 Digital, a dynamic IT company based in Hong Kong. This partnership aims to strengthen Penta Security’s presence in the Asian market by leveraging Version 2’s extensive sales network to distribute WAPPLES, Penta Security’s Web Application & API Protection (WAAP) solution, across Hong Kong, Macau, Taiwan, and Singapore.

Carlos Cheng, Founder and Managing Director of Version 2 Digital, expressed his excitement about the partnership: “We are honored to collaborate with Penta Security, a leader in cybersecurity. This partnership will enable us to bring advanced security solutions to our diverse client base, helping them safeguard their digital assets against the increasing threats in the cyber landscape.”

Ian Choi, Head of Global Business at Penta Security, added, “Partnering with Version 2 allows us to leverage their extensive network and expertise in the IT industry. Together, we aim to deliver unparalleled security solutions and services to businesses and consumers across these regions. We look forward to continuous collaboration to generate synergies not only in the security industry but also in the encryption business sector.”

About Penta Security
Penta Security takes a holistic approach to cover all the bases for information security. The company has worked and is constantly working to ensure the safety of its customers behind the scenes through the wide range of IT-security offerings. As a result, with its headquarters in Korea, the company has expanded globally as a market share leader in the Asia-Pacific region.

As one of the first to make headway into information security in Korea, Penta Security has developed a wide range of fundamental technologies. Linking science, engineering, and management together to expand our technological capacity, we then make our critical decisions from a technological standpoint.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

10 Questions Every CISO Should Be Able to Answer About Their Organization’s Cybersecurity Program

Chief Information Security Officers (CISOs) are at the frontline of enterprise cybersecurity, balancing technical know-how, business strategy, and regulatory compliance. So these security leaders, being unprepared to answer key questions about your organization’s security posture can spell disaster. Whether the inquiry comes from a board member, a regulator, or a concerned customer, CISOs need to have rock-solid responses. Below are the top 10 cybersecurity questions every CISO should be able to answer — and why each one matters.

1. What is our most valuable data, and how are we protecting it?

Every organization has sensitive data—whether it’s intellectual property, customer information, or financial data. CISOs must understand what data, if compromised, would cause the most harm to the business. This includes knowing where the data is stored, who has access, and the security measures in place to protect it, such as encryption and access controls.

2. What is our cybersecurity strategy, and how does it align with business objectives?

Gone are the days when security was an IT-only issue. CISOs must articulate how their cybersecurity strategy aligns with overall business goals. As far as cybersecurity questions go, it’s critical that CISO be able to answer: are there security initiatives that support business growth? How do security investments reduce risk to mission-critical operations? A solid answer demonstrates the CISO’s ability to position security as a business enabler, not just a cost center.

3. How do we manage third-party risks?

Third-party vendors and partners are often the weakest links in an organization’s security chain. A CISO should be able to detail the process for vetting vendors, monitoring compliance, and mitigating risks from third-party relationships. Key considerations include whether vendors comply with relevant standards (like SOC 2 or ISO 27001) and whether their access is controlled through solutions such as Zero Trust and network segmentation.

4. How do we ensure continuous compliance with evolving regulations?

The regulatory landscape is increasingly complex, with rules such as GDPR, CCPA, and HIPAA demanding strict adherence. A CISO needs to be on top of current and emerging regulations and should be able to answer how the organization remains compliant while keeping operations efficient. This includes automating compliance processes and preparing for audits.

5. What are our biggest cybersecurity risks today, and what’s the plan to mitigate them?

No organization is immune to risk, but CISOs should know what specific threats pose the greatest risk to their environment—whether it’s ransomware, insider threats, or supply chain attacks. They should also be able to outline the mitigation strategies in place, such as endpoint protection, NAC solutions, and employee awareness training programs.

6. What’s the incident response plan, and when was it last tested?

Every CISO needs a well-rehearsed incident response plan (IRP) to contain and recover from a cyberattack. It’s not enough to have a plan in place; it must be regularly tested and updated to reflect new threats and vulnerabilities. CISOs should be able to answer questions about the IRP’s effectiveness, who participates in incident response exercises, and how quickly operations can resume after an incident.

7. How do we protect remote workers and hybrid environments?

With the rise of remote and hybrid work, securing endpoints outside the traditional network perimeter has become critical. A CISO should explain the measures in place to protect remote workers, such as network access control (NAC), endpoint detection and response (EDR), passwordless authentication, and Zero Trust policies.

8. What’s our approach to managing insider threats?

Insider threats—whether malicious or accidental—pose a significant risk to any organization. CISOs must demonstrate that they have tools and processes to monitor suspicious behavior and detect anomalies. This includes knowing how the organization identifies high-risk insiders, limits access to sensitive data, and enforces security policies consistently.

9. How do we keep employees engaged in cybersecurity awareness?

Cybersecurity isn’t just the responsibility of the IT team; it’s a shared responsibility across the organization. A CISO needs to discuss how they build a culture of security awareness, what training programs are in place, and how they measure the effectiveness of these efforts. This also includes addressing phishing simulations, gamified training, and reward programs to reinforce positive behavior.

10. What metrics do we use to measure the effectiveness of our cybersecurity program?

CISOs must be able to back their strategies and claims with data. What key performance indicators (KPIs) and metrics are used to measure success? These might include time to detect and respond to threats, the number of incidents contained, compliance scores, and audit results. Clear metrics help justify security investments and demonstrate the value of the program to stakeholders.

Accountability for these Cybersecurity Questions

Being a CISO is no small task. These 10 cybersecurity questions are just the starting point, but they cover the fundamental aspects of an organization’s cybersecurity posture—from strategy and risk management to compliance and incident response. CISOs who can confidently answer these questions demonstrate not only a mastery of their cybersecurity program but also a deep understanding of how security supports the broader business. In today’s threat landscape, preparation is everything—and that starts with knowing the right questions to ask and answer.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

Perforce Aims to Embed AI at Every Stage of the Testing Lifecycle from Creation to Maintenance

AUSTIN, Texas, October 15, 2024Perforce Software, the DevOps company for global teams requiring speed, quality, security and compliance at scale along the development lifecycle, announced its AI-driven strategy during the DevOps + Data Impact event. The strategy covers four AI-driven pillars across the testing lifecycle: test creation, execution, analysis and maintenance, across all main environments: web, mobile and packaged applications. The result would remove traditional testing barriers to help testing teams achieve new levels of agility, reliability, and breakthrough advancements.

The amount of talent in the testing space as well as the overall continued practice of manual testing — according to Forrester’s Developer Survey, 2023, 43% of testing is still done with manual practices — cannot keep pace with the quality and security needed in the testing space. To compound this, by 2028 IDC predicts that there will be over one billion new logical applications*.

“Test maintenance continues to be a huge burden for organizations and can lead to outdated tests and slower releases,” said Melinda-Carol Ballou, Research Director at IDC. “Building on earlier investments within the testing industry, we’ve seen a great uptick in AI and Machine Learning as key technologies that can greatly improve this area of development, including potential for increased efficiency, time and cost savings and business execution.”

Perforce’s vision for AI in software testing aims to democratize software testing by enabling testers of every skill level on every team. It will lead to simplified test creation, faster debugging, enhanced collaboration, and the elimination of test maintenance.

“What we aim to deliver is not just leveraging AI to augment and improve the way testers work today, but we are implementing AI testing that completely changes the way testing works within a business,” said Stephen Feloney, Vice President of Product Management at Perforce. “There are two core areas that we are revolutionizing in testing that we know teams will find immediate value in. First, is the reduction of the traditional tools and elimination of frameworks to make testing infinitely more flexible. Secondly, we want to create full automation of test maintenance, which continues to be a blocker to efficient testing and faster releases. Testers should focus on developing test cases instead of worrying about creating and maintaining automated scripts.”

This vision for continuous testing by Perforce will be comprised of four key pillars:

  1. AI-Driven Testing Creation: Eliminates the need for traditional testing frameworks and empowers every team member to contribute seamlessly, accelerating test creation timelines.
  2. AI-Driven Test Execution: AI autonomously adapts to real-time changes, ensuring resilience and consistency across all platforms without manual intervention.
  3. AI-Driven Test Analysis: Provides immediate insights into test failures, pinpointing the root cause to enable faster resolution and continuous optimization.
  4. AI-Driven Test Maintenance: Eliminates manual test maintenance by continuously adapting to UI, data, or logic changes, ensuring your testing suite is resilient and future-proof.

Perforce’s continuous testing suite offers AI currently with Test Data Pro, which provides test data generation powered by AI.

Source:*IDC, 1 Billion New Logical Applications: More Background, doc #US51953724, April 2024

Resources

About Perforce
The best run DevOps teams in the world choose Perforce. Perforce products are purpose-built to develop, build and maintain high-stakes applications. Companies can finally manage complexity, achieve speed without compromise, improve security and compliance, and run their DevOps toolchains with full integrity. With a global footprint spanning more than 80 countries and including over 75% of the Fortune 100, Perforce is trusted by the world’s leading brands to deliver solutions to even the toughest challenges. Accelerate technology delivery, with no shortcuts.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×