Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Your Roadmap to Success with Risk-Based Alerting

In our last RBA blog post, we introduced the Splunk RBA journey and how to plan for a successful implementation. In this post, we dive deeper into the four levels of this journey. One of the things I've discovered in working with Splunk customers is that there is a big difference between an initial trial of RBA and using it effectively in a production environment.

Security Awareness Training (SAT) is finally having its day. Here's why.

Cybersecurity awareness is on the rise as more organizations adopt security awareness training programs. Why the hype? In several recent reports, we break down our findings around why SAT is on the rise—and why companies need it now more than ever.

Understanding how Polymorphic and Metamorphic malware evades detection to infect systems

Polymorphic and metamorphic malware constantly changes itself in order to avoid detection and persistently remain on the system. This adaptive behavior is the main distinctive attribute of these types of malware; it is why they are harder to detect and why they pose a great threat to systems. On the surface, the functionality of these two kinds of mutating malware appears the same, but each has its own differences.

When internet security is a requirement, look to dedicated fiber

With increased dangers lurking in digital spaces, the need for cybersecurity is now a commonly known fact for just about all business owners. When it comes to protecting their network, most start with the basic firewall. While added layers are required, there is something even more fundamental that should not be overlooked: the physical connection itself. It is like making sure you have secure and quality doors and windows prior to putting alarms on them.

Addressing the talent shortage with a unified security approach

The need for skilled cybersecurity personnel is having an impact on companies’ ability to stay secure. Despite the global cybersecurity workforce growing to 4.7 million in 2022, reaching record levels, according to data from the (ISC)² 2022 workforce study, there’s still a need for more than 3.4 million security professionals, an increase of 26% over 2021.

Privileged User Management vs Privileged Access Management: What's the Difference?

In today’s rapidly evolving cybersecurity landscape, managing privileged access has become a critical concern for organizations of all sizes. Two common approaches to managing privileged access are Privileged User Management (PUM) and Privileged Access Management (PAM). In this article, we compare PUM vs PAM approaches and explore why they matter for your organization’s security.

Salt Labs exposes a new vulnerability in popular OAuth framework, used in hundreds of online services

This post is the second in a series describing OAuth implementation issues that put companies at risk. We create these posts to share rich technical details, drawn from real-world use cases, to educate the broader industry on the nature of these errors, their potential impact, and how to avoid them to better protect API ecosystems.

DigiCert Code Signing Changes: New Private Key Storage & API Modifications

Beginning on June 1, 2023, at 00:00 UTC, industry standards will mandate that private keys for code signing certificates must be stored on hardware that meets specific security certifications such as FIPS 140 Level 2, Common Criteria EAL 4+, or an equivalent standard. This requirement applies to all new code signing certificate requests and requests for renewal and reissue of existing certificates.

More Than Half of all Email-Based Cyberattacks Bypass Legacy Security Filters

New data shows that cybercriminals are improving their phishing techniques, making it easier for their emails to make their way into a potential victim’s inbox. I recently wrote about how 12% of all email threats were getting all the way to the inbox. But new data from cybersecurity vendor Armorblox’s 2023 Email Security Threat Report shows that the number is much higher, depending on the security solutions in place.

BatLoader Malware is Now Distributed in Drive-By Attacks

Malign persuasion can take many forms. We tend to hear the most about phishing (malicious emails) or smishing (malicious texts). Other threats are also worth some attention, like the risk of drive-by attacks. One current drive-by campaign is being run by the operators of BatLoader, a malware strain that establishes initial entry and persistence, and then can be used to distribute a range of other malicious code that loots affected systems and networks of valuable data, including funds.