My organization is currently utilizing Graylog Open and we were looking for Security Documentation to support performing a Vendor Risk Assessment of Graylog.
A Vendor Risk Assessment is necessary for us to continue to use Graylog Products and to allow further growth into licensed Graylog Products in the future. These requests for information are standard for Organizations following Compliance Regulations that utilize Third Party Vendors and are required to perform reoccurring Risk Assessments.
Documentation would include the companies policies, certifications, and compliance information that support company/product security. (SOC, NIST, ISO, etc.)
graylog support told me this information is not available to be shared to Open Customers, and pointed me to this Community Forum.
Was hoping to chat more with Graylog staff or anyone in the community that has performed similar assessments for these products.
@joe.gross Noticed this article posted by you a few years ago on the importance of Risk Assessments for Organizations. See my request above, I’m trying to perform one on Graylog as a customer, but hit a roadblock on access to documentation. Any help would be appreciated.
If your initial sales contact couldn’t answer your questions, ask for a sales rep that can.
We most definitely share this information with serious prospects.