Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2024

splunk

Cracking Braodo Stealer: Analyzing Python Malware and Its Obfuscated Loader

Nov 21, 2024 By Splunk Threat Research Team In Splunk
Braodo Stealer is one of the many active and evolving malware families designed to steal sensitive information, such as credentials, cookies, and system data, from compromised machines. Typically written in Python, this malware employs a variety of obfuscation techniques to conceal its true intentions, making it challenging for security solutions to identify.
Read Post

Unlocking the Power of Splunk's Data Management and Federation Capabilities

Nov 19, 2024 By Splunk In Splunk
IT environments are more complex than ever, with data scattered across multiple sources. Splunk’s data management and federation capabilities provide efficient, cost-effective ways to control, shape, and access data in real-time. Ensure visibility, security, and compliance while optimizing costs. Manage your data at scale and access it wherever it resides with Splunk’s flexible tools.
View Video
splunk

Federated Analytics: Analyze Data Wherever It Resides for Rapid and Holistic Security Visibility

Nov 12, 2024 By John Dominguez In Splunk
Data is everywhere, sprawling across cloud, on-premises, and hybrid environments. As security practitioners, we need fast access to this data to analyze it, draw insights, and uncover potential threats. However, the sheer volume of data and complexity of threats makes it difficult to maintain visibility, detect stealthy attacks, and respond quickly to security incidents.
Read Post
splunk

Unify and Automate TDIR Workflows with Splunk SOAR 6.3 and Splunk Enterprise Security 8.0

Nov 8, 2024 By John Dominguez In Splunk
Security teams are juggling 25+ different security tools that perform different actions across detection, investigation and response. Look up an IP here, send malware to a sandbox there, block an executable over there. What’s worse is that the vast majority of those actions are being performed manually. This approach is simply too slow against fast-moving attackers and malware, and it certainly isn’t sustainable.
Read Post

SOAR in Seconds - Playbook Building with Natively Integrated SIEM and SOAR

Nov 1, 2024 By Splunk In Splunk
In Splunk SOAR 6.3, SOAR features now come fully integrated with Splunk Enterprise Security 8.0. In this demo, see how to easily create a Splunk SOAR playbook in the context of your SIEM workflows. Playbooks and actions are now directly integrated within the Splunk Enterprise Security analyst queue. You can run playbooks and see the results without leaving the Splunk Enterprise Security interface. Both a Splunk SOAR and Splunk Enterprise Security license is required.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.