San Francisco, CA, USA
May 30, 2023   |  By Muhammad Raza
The term Tactics, Techniques and Procedures (TTP) describes the behavior of a threat actor and a structured framework for executing a cyberattack. The actors can range from hacktivists and hobbyist hackers to autonomous cybercriminals, underground rings and state-sponsored adversaries. By understanding the Tactics, Techniques and Procedures involved in a cyberattack kill chain, businesses can discover, evaluate and respond to security threats with a proactive approach. Let’s take a look.
May 25, 2023   |  By Austin Chia
Data anonymization is becoming an increasingly prominent and important concept for businesses of all sizes. Whether it’s to protect customer data or satisfy regulatory requirements, data privacy remains a top priority for organizations worldwide.
May 24, 2023   |  By Haylee Mills
In our last RBA blog post, we introduced the Splunk RBA journey and how to plan for a successful implementation. In this post, we dive deeper into the four levels of this journey. One of the things I've discovered in working with Splunk customers is that there is a big difference between an initial trial of RBA and using it effectively in a production environment.
May 22, 2023   |  By Johan Bjerke
Humans have been interacting with a version of AI through voice assistants, facial recognition software and phone photo apps for years. AI’s progress in the last few months, however, has been nothing less than mind-blowing. With its new enhanced capabilities, a meteoric rise in AI’s popularity ensued, and the recent new generative AI services are quickly becoming essential tools for users of all kinds.
May 18, 2023   |  By Shanika Wickramasinghe
The Security Operations Center (SOC) is the central unit that manages the overall security posture of any organization. Knowing how your SOC is performing is crucial, so security teams can measure the strength of their operations. This article describes SOC metrics, including their importance, common SOC metrics, and the steps SOC teams can take to improve them.
May 17, 2023   |  By Ryan Fetterman
Welcome to the third entry in our introduction to the PEAK Threat Hunting Framework! Taking our detective theme to the next level, imagine a tough case where you need to call in a specialized investigator (even Sherlock depended on Watson from time to time!). For these unique cases, we can use algorithmically-driven approaches called Model-Assisted Threat Hunting (M-ATH). In this post, we’ll look at M-ATH in detail.
May 17, 2023   |  By David Bianco
In the complex world of Internet security, TLS encryption reigns. The powers behind the throne are the Certificate Authorities (CAs) that play a crucial role in verifying websites' identities and regulating the trust we place in those sites. However, understanding the trustworthiness of the CAs themselves can be challenging.
May 17, 2023   |  By Laiba Siddiqui
Cyberattacks are unauthorized attempts to access data and disrupt your organization's computer systems or networks. It’s reported that 49% of organizations have suffered a data breach over the past two years — it’s possibly higher than that. These data breaches can cause financial loss, reputational damage and legal liabilities. So, organizations develop Red and Blue teams to mitigate the risk of cyberattacks.
May 16, 2023   |  By Michael Weinstein
Even though this blog discusses some serious topics related to security of mission-critical SAP applications, why not start it with a fun trivia question? So, here it is: “What does SAP stand for?” As per the company’s website, SAP is an acronym for the organization’s original German name “Systemanalyse Programmentwicklung,” which stands for System Analysis Program Development in English. Founded in 1972, SAP is a global leader in enterprise application software.
May 16, 2023   |  By Shanika Wickramasinghe
Cryptomining is essential for creating new cryptocurrencies and functioning blockchain networks. However, the increased complexity of cryptomining drives the need for specialized, cost-effective infrastructure to mine cryptocurrencies. Enter the cloud: Cloud computing has become critical for cryptomining, making cloud cryptomining popular among miners. This article describes cloud cryptomining, its history, and the types of cloud cryptomining.
May 26, 2023   |  By Splunk
Help Safeguard Your SAP Environments with Splunk. Bring security-relevant SAP data into the fold of Splunk security analytics and operations workflows to accurately detect and rapidly respond to threats impacting your SAP estate.
May 26, 2023   |  By Splunk
The cool kids are the cloud kids (...cheesy, we know, but roll with it). We have two cool cloud experts: Splunker Tom Stoner and Clarify360's Jo Peterson here to share their thoughts - check it out.
May 24, 2023   |  By Splunk
Grab a cup of coffee and join Mick Baccio and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news.
May 23, 2023   |  By Splunk
Join Audra Streetman and special guest Sydney Howard, Principal Threat Hunter at Splunk, for an interview about her career journey, why she thinks purple teaming is so important, and her approach to threat hunting.
May 16, 2023   |  By Splunk
In this 60-second charity challenge benefiting the Save Elephant Foundation, Mick and Audra share their thoughts on regulating artificial intelligence.
May 10, 2023   |  By Splunk
Join David Bianco and special guest Aaron Gee-Clough, Senior Data Engineer at DomainTools, for an interview about their collaboration on a research project evaluating the trustworthiness of certificate authorities (CAs) by analyzing five billion TLS certificates using Splunk.
May 10, 2023   |  By Splunk
Grab a cup of coffee and join Mick Baccio and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Audra also shared their stance on AI regulation as part of this week's 60-second charity challenge, with proceeds benefitting the Save Elephant Foundation.
Apr 30, 2023   |  By Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Ryan and Mick competed in a charity challenge to discuss the impact of splintering social media platforms for keeping track of security news and opinions. The trio also recapped the highlights from RSA Conference.
Apr 26, 2023   |  By Splunk
Grab a cup of coffee and join Mick Baccio and special guests Juan Andres Guerrero-Saade and Jon DiMaggio for another episode of Coffee Talk with SURGe, live from RSA Conference in San Francisco. Guerrero-Saade and DiMaggio are both contributing authors for Bluenomicon, a new book by SURGe that features stories and advice from security leaders and practitioners. You don't want to miss it!
Apr 26, 2023   |  By Splunk
Streamline your workflows by improving SOC process adherence when you codify your operating procedures into pre-defined templates. Use Splunk Mission Control to speed up investigations with pre-built response templates that include embedded searches, actions, and playbooks to empower security analysts. Model your response plans based on pre-built templates that can be used for security use cases such as “Encoded PowerShell Response”, “Insider Threat” or “Ransomware”. Or build your own templates based on your established processes that are scattered across systems to finally achieve repeatable security operations. This allows you to close the gap between your Splunk ES detections and rapid incident response.
Oct 21, 2018   |  By Splunk
The hype around artificial intelligence (AI) and machine learning (ML) has exploded, sometimes overshadowing the real uses and innovations happening every day at organizations across the globe. The reality is that applying AI and ML to data-dependent challenges presents opportunity for better security, faster innovation and overall improved efficiency.
Jun 1, 2018   |  By Splunk
Cyberattacks are top of mind for organizations across the globe. In fact, 62 percent of firms are being attacked at least weekly and 45 percent are experiencing a rise in the number of security threats. But do organizations have the processes in place to investigate and effectively respond to these incidents? IDC recently surveyed security decision makers at 600 organizations to understand the state of security operations today.
Jun 1, 2018   |  By Splunk
Do you have a plan for cybersecurity? Digital technology is touching every aspect of our lives, which is giving bad actors unlimited runway to create new threats daily. It's this atmosphere that makes it imperative that organizations are prepared, informed and actively hunting for adversaries.
May 25, 2018   |  By Splunk
How can you utilize machine data to be prepared for the General Data Protection Regulation of the European Union?
Apr 1, 2018   |  By Splunk
Security incidents can happen without warning and they often go undetected for long periods of time. Organizations struggle to identify incidents because they often work in silos or because the volume of alerts is overwhelming, making it hard to pick out the signals from the noise.
Apr 1, 2018   |  By Splunk
A security information event management (SIEM) solution is like a radar system that pilots and air traffic controllers use. Without one, enterprise IT is flying blind. Although security appliances and system software are good at catching and logging isolated attacks and anomalous behavior, today's most serious threats are distributed, acting in concert across multiple systems and using advanced evasion techniques to avoid detection.
Mar 1, 2018   |  By Splunk
All data is security relevant and defending against threats involves every department in a company. With cyberthreats and bad actors constantly evolving, it is imperative for everyone in an organization to come together to identify and protect critical data.
Feb 1, 2018   |  By Splunk
Recent cyberattacks have made it clear that organizations of all sizes need to focus on a holistic and cohesive security strategy. Security operations centers (SOCs) have become a focal point in this effort, consolidating the right people, processes and technology to mitigate and remediate attacks.
Jan 1, 2018   |  By Splunk
Current IT security tools and mindsets are no longer adequate to meet the scope and complexity of today's threats. Internet security has evolved over the last ten years but advanced persistent threats and the sophistication of the malware have fundamentally changed the way security teams must think about these new threats and the tools used for detective controls.

Splunk produces software for searching, monitoring, and analyzing machine-generated big data, via a Web-style interface.

Splunk turns machine data into answers. Regardless of your organization’s size and industry, Splunk can give you the answers you need to solve your toughest IT, security and business challenges—with the option to deploy on-premises, in the cloud or via a hybrid approach.

Work the Way Your Data Works:

  • Real-Time: Splunk gives you the real-time answers you need to meet customer expectations and business goals.
  • Machine Data: Use Splunk to connect your machine data and gain insights into opportunities and risks for your business.
  • Scale: Splunk scales to meet modern data needs — embrace the complexity, get the answers.
  • AI and Machine Learning: Leverage artificial intelligence (AI) powered by machine learning for actionable and predictive insights.

Any Question. Any Data. One Splunk.