SIEMs have historically done well in helping organizations detect threats. Modern threat activity has shown, however, that tracking pre-selected data and relying on IOCs …
SIEMs have historically done well in helping organizations detect threats. Modern threat activity has shown, however, that tracking pre-selected data and relying on IOCs …
Overview Along with the flashier new features of Gravwell 5.0.0, we included something quietly powerful: tokens. API tokens are not a new concept; pretty much every large system has them, and now we...
Overview We are pleased to announce the immediate availability of Gravwell version 5.0.0 (codename Orion). This release marks a major milestone on our journey to simplify how users interact with...
Overview For this post we are going to be focusing on three EventIDs that pertain to the Windows Registry. These sysmon events occur when a registry key is created, updated, deleted, or renamed. ...
We are pleased to announce the immediate availability of the Gravwell Sysmon kit. This kit is designed to get you started quickly with Sysmon data and demonstrate the art of the possible. This post...
Overview Today we are going to talk about something very important - beer. Homebrewing has a long tradition and many master brewers started by making swill in their basement. So today, I am going...
This week sees the release of Gravwell 3.3.9, our last planned release prior to the 3.4.0 "Big Bang" release. The Big Bang release will introduce Gravwell kits (our way of providing pre-packaged...
We are excited to announce the immediate availability of Gravwell version 3.3.0. This release being a Minor release features a few fairly significant features and a whole heap of bug fixes and...
We proud to announce the immediate availability of Gravwell version 3.2.3. This release is all about performance and bug fixes, but we did manage to slip in a new Kafka ingester.
We are pleased to announce the immediate availability of Gravwell version 3.2.2! This one got away from us a bit and probably should be a major release, there is just too much good stuff in here. I...
