Graylog 5.1 optimizes threat detection and response

Graylog announced at the RSA Conference 2023 Graylog 5.1 with new incident investigation and enhancements to its cybersecurity solution.

Currently available in Beta, version 5.1 of Graylog Security and the Graylog Platform will be GA in May 2023.

With the new incident investigation capability, Graylog Security customers can easily collect and organize datasets, reports, and other contexts while investigating a potential incident or issue. The innovative workspace tracks the status and progress of any new or existing investigations from start to finish within Graylog Security. Security analysts can now:

• Collect supporting evidence, including dashboards, search queries, and screenshots
• Compile thoughts and notes discovered during an investigation
• Assign investigations to and collaborate with colleagues
• Track investigation end-to-end status – from creation to closure
• Save investigation information for future investigations

With incident investigations, Graylog eliminates the need for additional tools that are often cost-prohibitive for mid-sized enterprises. Also new to Graylog Security 5.1: additional anomaly AI detectors, the ability to customize anomaly detectors, enhanced Sigma rules support and management, powerful enrichment capabilities to improve threat intelligence management, and expanded out-of-the-box content.

“We continue to meet our customer needs with added features and functionality that make security analysts’ jobs easier and faster, providing them with the confidence, productivity, and expertise to mitigate risks,” said Robert Rea, CTO of Graylog. “Unlike traditional SIEM solutions that are complex and expensive, Graylog is easy to use and affordable, giving customers a superior analyst experience.”

Graylog Security 5.1 combines AI/ML, security analytics, advanced log management, and intelligent search and alerting to offer customers a comprehensive and cost-effective platform to protect against cyber threats.

Graylog Operations 5.1 provides a comprehensive log management platform for collecting, normalizing, and enriching log messages to be efficiently searched, visualized, and monitored for performance and security issues.