Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Companies are under more threat than ever. The rise in cyber threats is alarming: 2021 saw a 30% increase in cyberattacks compared with 2020. Even sophisticated systems with complex countermeasure technologies for security may be vulnerable to attack. Many organizations turn to hackers to counteract these threats. Ethical hackers use the tools and methods of malicious actors to help companies pinpoint their weaknesses and build a more resilient and secure system.

For a long time, security and development were two distinct aspects of programming. As organizations started to leverage software and technology as differentiating factors, the speed and quality of development became more important than ever. Organizations no longer had time after development was complete to address security vulnerabilities. Catching vulnerabilities too late opens companies up to unnecessary risk and can be costly to fix.

It was another eventful year for security professionals in 2022. The year began on the tail of the Log4j vulnerability, data breaches were on the rise, and ransomware attacks were as prevalent as ever. So it’s safe to say cyber resilience is required to be at the forefront for public sector leaders.

I am sure many of you have heard the term “cybersecurity is a team sport.” If you haven’t, I say get on the right team. Security is a complex, ever-changing game of skill and preparedness (never chance). As we like to say here at Splunk, it is all about cyber resilience. To best be prepared to win this game, we need the best team. As with any team sport, there really needs to be other teams - after all what fun is it playing by yourself?

The Windows Registry is one of the most powerful Windows operating system features that can tweak or manipulate Windows policies and low-level configuration settings. Because of this capability, most malware or adversaries abuse this hierarchical database to perform malicious tasks on a victim host or environment. Over the last 2 years, the Splunk Threat Research Team has analyzed and reverse engineered some of the most prevalent and successful malware families.

Cross-Site Scripting (XSS) attacks are bad news. And they can affect lots of people, often unknowingly. Chief among the top cybersecurity threats affecting users worldwide, any website with unsafe elements can become vulnerable to XSS attacks — making visitors to that website unwitting cyberattack victims. To secure your website from XSS attacks, you must first know what they are.

The Splunk Threat Research Team (STRT) is happy to release v3.0 of the Splunk Attack Range. Splunk Attack Range is an open source project that allows security teams to spin up a detection development environment to emulate adversary behavior and use the generated telemetry data to build detections in Splunk. This blog highlights the new features introduced in version 3.0 to help build resilient, high-quality detections.

The New Year brings with it so much to look forward to and we are happy to bring even more to be excited about: a new release for the Splunk App for PCI Compliance. Starting January 11th, version 5.1 will be Generally Available. In this blog, let's review the main benefits of the Splunk App for PCI Compliance and highlight the improvements that version 5.1 brings.

In 2021, I wrote a blog post congratulating the Splunk France team on winning several awards. In 2022, they won even more... This is a quote from the former Arsenal manager Arsène Wenger, which I think is particularly apt. By winning multiple awards, specifically related to cybersecurity, we've shown that we can do even better. Last year, our client Carrefour helped us present our cybersecurity project with them to panels of judges made up of IT managers and CISOs.

These days, security is more important to companies than sales. When your company must maximize renewals, you’re not selling your product once — you’re selling it day in, day out. The moment your security breaches or your services go down, guarantee your customers and users are considering your competitor. Strong cybersecurity helps safeguard your data and your networks from theft, fraud and unauthorized access.