nis2  |  compliance

NIS2 Directive: a strong request for better incident handling

Did you know the European Union created a rule called the NIS Directive? This rule was established in 2016 to ensure that all member countries are equally protected against cyber attacks. It’s a step towards making it easier for governments to work together to stop cyber threats. However, the Directive was expected to provide more specific instructions for protecting against attacks and ensuring all countries follow the rule. The rule also requires companies and governments to be better prepared to handle cyber attacks and have a plan in case something goes wrong.

security  |  microsoft nps  |  radius

Onboarding Microsoft NPS logs

For those of us who manage network authentication and authorization, RADIUS is a familiar term. This protocol was introduced in the last century, and many of us from those days still remember the old-school diagrams, which surprisingly remain on the Cisco Systems website today. Figure 1. Interaction between dial-in user requests, the RADIUS client and server © Cisco RADIUS, which stands for Remote Authentication Dial-In User Service, was developed to address a specific challenge.

releases  |  Enterprise Edition

Announcing NXLog Enterprise Edition 5.11

We are excited to announce the release of NXLog Enterprise Edition 5.11. This latest version introduces two new features and addresses over twenty important issues, including two of the most significant which are highlighted in this announcement. Key enhancements in NXLog Enterprise Edition 5.11 Support for new macOS ES events NXLog Enterprise Edition 5.11 now supports the events introduced by version 13 of the macOS Endpoint Security (ES) API. Check the official Apple documentation for the most up-to-date list of events supported by the macOS ES API.

release  |  Raijin database

Raijin announces release of version 2.1

Raijin has announced the release of version 2.1 of its powerful, schemaless SQL-like database engine. This focuses on performance improvements. Read on for the highlights and check out the Raijin release notes for a complete list of the features and improvements. Performance improvements As mentioned, this release focused on optimizing the performance of partitioned database tables. Partitioned tables store data in separate locations with their own set of metadata based on the values present in the data.

deployment  |  strategy

What is agentless log collection?

Agentless log collection refers to gathering log data from various sources without installing dedicated software agents on the systems generating the logs. Instead, it leverages protocols such as SNMP traps, WECS, WMI, and syslog to retrieve log data remotely. It is easier to explain what agentless log collection is by also providing some context about agent-based log collection. The truth is that these two options for collecting logs walk hand in hand, meaning that they can and will likely coexist on your network.

log collection  |  cybersecurity

Ingesting log data from Debian UFW to Loki and Grafana

An excellent way to get started in a new technology area or refresh our knowledge is to devise a solution based on a small idea or need. This blog post covers such a situation, with a small personal project demonstrating how to use NXLog’s powerful features. I embarked on a small pet project centered around a cloud machine running Debian 10. It connects telemetry from my home, country house, and notebook.

More

Harnessing TPM encryption with NXLog

Announcing NXLog Enterprise Edition 6.3

NIST Cybersecurity Framework 2.0. Update Takeaways

Raijin announces release of version 2.0

All Posts