I hope you're all enjoying this series on Hunting with Splunk as much as we enjoy bringing it to you. This article discusses a foundational capability within Splunk — the eval command. If I had to pick a couple of Splunk commands that I would want to be stuck on a desert island with, the eval command is up there right next to stats and sort. (Part of our Threat Hunting with Splunk series, this article was originally written by John Stoner. We’ve updated it recently to maximize your value.)

Cybercriminals and threat actors use multiple vectors to infiltrate your IT network. They employ a series of coordinated steps as they… Impactful cyberattacks today are no longer executed as a simple virus with self-mutation capabilities, especially when many organizations rely on AI-enabled threat detection capabilities. They’re a lot more sophisticated.

In organizational risk management, Risk Tolerance and Risk Appetite are two fundamental concepts. These concepts are applied in areas such as business investing, decision making, cybersecurity risk management, and overall finance. While these concepts complement each other, they do have different meanings. A simple distinction is this: And there’s a bit more to it.

Known as RegEx (or gibberish for the uninitiated), Regular Expressions is a compact language that allows security analysts to define a pattern in text. When working with ASCII data and trying to find something buried in a log, regex is invaluable. But writing regular expressions can be hard. There are lots of resources to assist you: “But stop,” you say, “Splunk uses fields! Why should I spend time learning Regular Expressions?”

In today's digital landscape, organizations face increasingly sophisticated cyber threats that can compromise sensitive data, disrupt operations, and tarnish their reputation. To mitigate these risks, regulatory frameworks have been developed to ensure robust cybersecurity practices.

Cybersecurity is a team sport, as malicious actors and advanced persistent threats are constantly evolving their tactics. In this ever-changing landscape, it is crucial for organizations to collaborate and learn from one another’s experiences. At Devo, we recognize the importance of teamwork in combating these threats. We are committed to enhancing our product capabilities and content to empower every customer to participate in this collective defense.

What you’re doing isn’t working. Despite best efforts, the scale of cybersecurity data is outpacing the ability of security information and event management (SIEM) solutions to identify and stay ahead of digital threats. Incremental improvements can’t keep pace with the scale of data contained in cloud solutions and the scope of data created by new tools, like generative AI. The result?