Splunk has been named a Leader in the IDC MarketScape: Worldwide SIEM 2022 Vendor Assessment (doc #US49029922, November 2022). We believe this recognition is a testament to our commitment to delivering a best-in-class, data-centric security analytics solution that helps our customers accelerate threat detection and investigations, and achieve cybersecurity resilience.
The SMLS team enables Splunk customers to find obscure and buried threats in large amounts of data through expert analytics. This work is part of a set of machine learning detections built by a specialized team of security-focused data scientists working in concert with Splunk’s threat research teams to help Splunk customers sift through vast amounts of data to identify and alert users of suspicious content.
By way of a brief introduction, I have had a 25+ year career in technology, and this has come with some wonderful experiences and opportunities along the way. One constant throughout my journey has been a need to increasingly leverage data, enabling informed decisions (even automated) at all levels to ensure: secure, high performing and observable products and services are available to the customers and partners I’ve been supporting.
Data encryption is one of the many ways organizations can protect their data. Encryption turns plaintext (readable data) into ciphertext (randomized data), which requires the use of a unique cryptographic key for interpretation. In other words, encryption is a security measure used to scramble data so that it can only be read by authorized personnel.
"People tell you who they are, but we ignore it, because we want them to be who we want them to be.” - Don Draper Earlier this year we announced some security enhancements to how we handle submissions to Splunkbase. The simple statement is we are making things faster/cheaper/better where Splunkbase security is concerned. Faster in that it takes less time for a developer to get an app into our platform. Cheaper in that it’s more automated.
With the high rate of cyberattacks today, the role of a chief information security officer (CISO) has become more important — and much more visible. Businesses have been forced to invest in guarding their infrastructures, networks and sensitive data. This blog post will take a look at the basics of a CISO, as well as the CISO's main tasks and responsibilities.
A major subset of overall cybersecurity, Information Security focuses on protecting sensitive data and information from the risks of cyberattacks. It covers but is not limited to: The fundamental goal of information security is to prevent sensitive data from being compromised by criminals or state actors. InfoSec encompasses a wide range of tasks and practices, spanning from monitoring user behavior to assessing risk to ongoing education.
This past June I presented a.conf22 session called “A Beginner’s Guide to SOAR: Automating the Basics” to address perceptions about SOAR adoption among security practitioners. This was my first in-person presentation to a live audience in several years because of the pandemic and I was encouraged to find that the session was among the highest attended at the event with well over 200 attendees in the room.
I originally planned to write this story as a follow-up to another blog that SURGe released for CVE-2022-3602 and CVE-2022-3786 (aka SpookySSL). That blog mentions that we weren’t able to test with any malicious payloads yet, and as things go… After releasing that blog, we came across proof-of-concept exploits that weren’t detected by our searches.
Simplify your procurement process and subscribe to Splunk Cloud via the AWS marketplace Unlock the secrets of machine data with our new guide All companies want to protect their reputation as any mishandling of it, either self-inflicted or via outside forces, can have a devastating impact. Mitigating reputational issues involves mitigating the risk that leads to them.
