HOUSTON — Nov. 3, 2025 — Graylog, a leading provider of SIEM and threat detection solutions, today launched its Graylog Security Fall 2025 release (Version 7.0). The latest version introduces AI-driven insights, Model Context Protocol (MCP) Server Access, and Amazon Security Data Lake integration, enabling Security Operations Centers (SOCs) to operate with greater clarity, speed, and cost efficiency.
The new platform features AI-enabled dashboards for instant, explainable insights into threats. It provides MCP Server access, which securely connects Large Language Models (LLMs) directly to Graylog data for natural language queries. These capabilities deliver measurable efficiency gains for teams that need to accomplish more with fewer resources.
“Our focus is on helping them take back control, with practical AI that drives faster insights, smarter investigations, and measurable efficiency. With this release, we’re giving teams explainable AI they can trust. By combining innovation with simplicity, and AI with human insight, organizations can meet security challenges head-on with technology that works for them.”
— Seth Goldhammer, Vice President of Product Management at Graylog
Expanding Access to Security Data Through Natural Language
This release introduces Graylog MCP Server Access, a secure new way for teams to interact with their Graylog environment through natural language. The MCP Server securely connects user-approved AI agents or LLMs to Graylog, adding a conversational layer for querying and analysis—fully governed by user permissions and license tier.
Analysts (or their AI agents) can ask questions like:
- “Show me assets that increased in risk score over the past week and are linked to open investigations.”
- “Summarize the top five MITRE techniques detected across failed logins in the last 24 hours.”
- “Which indices are nearing rotation thresholds, and how much storage is currently in use across the cluster?”
This capability boosts productivity and awareness by providing a faster, more intuitive way to interpret and act on security data.
Reducing Cost and Complexity with AWS Security Data Lake Integration
Graylog 7.0 introduces support for external data lake connectors to AWS Security Data Lake. This feature is crucial for controlling costs and managing complexity in hybrid cloud environments.
Key Capabilities:
- Filtered Inputs: Ingest only the specific data required for active monitoring.
- Preview and Selective Retrieval: Maintain visibility across AWS services without redundant storage.
This capability allows customers to reduce unnecessary transfer costs, storage usage, and licensing impact by leaving in AWS the log messages that are not aligned with active analytics.
Redefining the SOC for the Real World
Built for lean, outcome-driven teams, Graylog unifies log management, SIEM, and AI-powered threat detection and investigation in a single, scalable platform. Unlike legacy SIEMs weighed down by cost and complexity, Graylog Security delivers transparent and understandable AI.
Every alert, summary, and recommendation is explainable, empowering security teams with clear context and control to respond faster and smarter.
About Graylog
At Graylog, our vision is a secure digital world where organizations of all sizes can effectively guard against cyber threats. We’re committed to turning this vision into reality by providing Threat Detection & Response that sets the standard for excellence. Our cloud-native architecture delivers SIEM, API Security, and Enterprise Log Management solutions that are not just efficient and effective—whether hosted by us, on-premises, or in your cloud—but also deliver a fantastic Analyst Experience at the lowest total cost of ownership. We aim to equip security analysts with the best tools for the job, empowering every organization to stand resilient in the ever-evolving cybersecurity landscape.
About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas, including cyber security, cloud, data protection, endpoints, infrastructure, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, points of sale, resellers, and partner companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum that includes Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, government, a vast number of successful SMEs, and consumers in various Asian cities.
