Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2024

Announcing the General Availability of Splunk Enterprise Security 8.0

At.conf24 we unveiled the private preview of Splunk Enterprise Security 8.0, and the buzz was undeniable. Today, we are thrilled to announce that Splunk Enterprise Security 8.0 is now generally available! This isn’t just another release—it’s a massive leap forward that redefines and revolutionizes security operations. Splunk Enterprise Security 8.0 is the cornerstone of the SOC of the Future.

What Is DFIR? Digital Forensics & Incident Response

We all know how often attackers gain access to online devices to compromise security. That’s why digital defense is as important as physical defense. However, ensuring digital safety can be more challenging than physical safety. To overcome this problem, authorities combine digital forensics with incident response. But what does this mean?

The Forensic Investigator Role: Skills and Responsibilities

Businesses adopt new and sophisticated technology every day. All that tech, however, comes with the risk of crime or financial fraud. That’s what forensic investigators help with — they solve these crimes by identifying the criminals and recovering the assets. Forensic investigators collect evidence from crime scenes, analyze it, and conclude the results in a report that later serves as an important document in trials.

Fueling the SOC of the Future with Built-in Threat Research and Detections in Splunk Enterprise Security

The cybersecurity threat landscape is ever-changing and evolving, with bad actors implementing increasingly sophisticated strategies to evade detection. However, many security teams struggle to adapt their detection strategies at the same pace. Supporting advanced threat detection requires organizations to invest in consistent threat research and detection engineering. Without that, they cannot develop the high-quality detections needed to target the latest threats.

Cybersecurity Frameworks: What They Are & How to Use Them

With the easy availability of tools and knowledge, cyberattacks of all sorts are running rampant, putting pressure on organizations to better defend themselves. Security is a continuous process that grows over time — exactly why organizations need to create a strong foundation. Two important questions every organization has asked themselves are: Where do we start, and have we done enough?

The Rise of Student-Powered Security Operations Centers (SOCs)

In today's digital age, the prevalence of cyber attacks has become a major concern for organizations across various industries, with higher education institutions particularly vulnerable. As the volume and complexity of cyber threats continue to escalate, there is a growing need for innovative solutions to bolster cybersecurity defenses.

My CUPS Runneth Over (with CVEs)

The Common Unix Printing System (CUPS), a standard component in nearly every Unix-like and Linux system, has recently come under scrutiny due to a series of critical vulnerabilities discovered by security researcher Simone Margaritelli. These issues, collectively known as the CUPS vulnerability, expose Linux and Unix environments to potential remote code execution and information disclosure risks.

An Introduction to Threat Monitoring

According to CIS, just in the first half of 2024, malware-based threats rose by 30% from 2023. A similar 30% year-over-year increase was also found in cyber attacks in 2024 in a report by Check Point Research. With such alarming statistics, it is evident that the need for threat monitoring has become more critical than ever before. In this blog post, we'll explore what threat monitoring entails, why it's essential, and how you can implement best practices to safeguard your business.

A Case Study in Vulnerability Prioritization: Lessons Learned from Large-Scale Incidents

There’s no way around it: vulnerability management is complex. As organizations become more reliant on software and applications, the sheer volume of known vulnerabilities has become more difficult to track, prioritize, and remediate. Adversaries have also become increasingly reliant on exploiting vulnerabilities in order to compromise organizations.