Continuing to ride the waves of Summer of Security and the launch of Splunk Security Cloud, Splunk Security Essentials is now part of the Splunk security portfolio and fully supported with an active Splunk Cloud or Splunk Enterprise license. No matter how you choose to deploy Splunk, you can apply prescriptive guidance and deploy pre-built detections from Splunk Security Essentials to Splunk Enterprise, Splunk Cloud Platform, Splunk SIEM and Splunk SOAR solutions.

Threat intelligence provides valuable insight into contextual business risk. You can gain insight into threat actors targeting your industry or information from your organization located on the Dark Web. According to one report, 79% of security professionals find threat data feeds essential to their organization’s cybersecurity posture. Additionally, 63% of respondents noted that they use feeds to ensure a better defense.

First coming to light as a local elevation of privilege vulnerability affecting pre-release versions of Windows 11 (Figure 1), subsequent investigations into the issue, namely sensitive registry hive files being accessible to all users when 'System Protection' is enabled, confirm that it also affects Windows 10. Initially dubbed 'HiveNightmare' and 'SeriousSAM' by security researchers, CVE-2021-36934 has been assigned to this vulnerability although the CVSS score has yet to be determined.

Fraudulent phone calls have been an issue for years, and they’re becoming more common. According to a recent report from Truecaller, 59.49 million Americans lost money to scam calls in the past year, costing $29.8 billion. These threats have risen in both number and cost, and businesses can’t afford to ignore this trend. Small and medium-sized businesses are popular targets for fraud, as they often have less security.

Prototype Pollution is one of the less known vulnerabilities in the security community. Researchers started to discuss it as a potential attack vector around 2017, and the first vulnerabilities were found in the wild at the start of 2018. In this article, we’re going to take a deep dive into what Prototype Pollution vulnerabilities are, and how they can be mitigated.

We’ve been asked to provide a comparison of scan times between Snyk Code and two common SAST tools: LGTM and SonarQube. For our research, we made several assumptions, but we’ve shared the details in order to be transparent.

TModern data protection has five key drivers, all of which an organization must seek to understand. These drivers equally apply to cloud and non-cloud related data and should form the basis of any robust data protection strategy.

To keep your business secure, it is important not only to keep the hackers from getting in but also to keep your data from getting out. Even if a malicious actor gains access to the server, for example via an SSH session, it is vital to keep the data from being exfiltrated to an unauthorized location, such as IP addresses not under your organization’s control. In considering a solution to protect against data exfiltration, it is critical to note that one policy does not fit all.

Data breaches and ransomware attacks aren’t just still occurring. They’re also becoming more frequent. According to ZDNet, the number of ransomware attacks detected and blocked by one security firm grew 715% year-over-year in 2020 alone. Another security company calculated the total number of ransomware attacks for the year to be around 65,000, wrote NPR. That’s about seven ransomware incidents every hour.

Ransomware. Nearly every day, we learn about another major attack on companies such as JBS, Kaseya, and Quanta, a key supplier to Apple. Along with the increase in attacks, recent reports have shown the average ransomware recovery cost skyrocketed to $1.85 million this year. And, as companies have become more willing to accept attackers’ ransom demands to restore their mission-critical operations, the average ransomware payment has jumped to more than $170,000.