How to Prevent Shellcode Injection
When you first hear ‘shellcode,’ you might think of shell scripting. Surprisingly enough, neither shellcode nor shellcode injection has anything to do with shell scripting. Keep reading to learn more!
The Slack Audit Logs API is for monitoring the audit events happening in a Slack Enterprise Grid organization to ensure continued compliance, to safeguard against any inappropriate system access, and to allow the user to audit suspicious behavior within the enterprise. This essentially means it is an API to know who did what and when in the Slack Enterprise Grid account. We are excited to announce the Slack Add-on for Splunk, which targets this API as a brand new data source for Splunk.
Auth0 is one of the leading identity management platforms in the world. It’s focused on providing solutions for application builders, specifically solutions needed for custom-built applications. Auth0 provides expertise to scale and protect identities in any application, for any audience. This post will show you how Coralogix can provide analytics and insights for your Auth0 log data – including performance and security insights.
The demand for cloud computing has skyrocketed in recent years. Lower costs, a faster time to market, increased employee productivity, scalability, and flexibility are some of the beneficial factors motivating organizations to move to the cloud. It’s not likely that organizations will slow down with their migration plans, either.
Working remotely has its own personal challenges in terms of productivity: between the cat walking across your keyboard and the kids dropping in on your Zoom meetings, workers across the globe have had to adjust to doing their job in a different way. Organisations also had to swiftly transition to employees working remotely, and this has introduced a new set of risks from a cyber security perspective.
In the world of CVEs, we have seen a few interesting ones released in the last couple of weeks since our last risk based vulnerability management blog, including the recent big news items affecting F5 BIGIP and Pan-OS. Read on for more information on how to prioritize these vulnerabilities for patching to mitigate risk.
Picture your workspace at the office from ten, five, or even two years ago—what has changed? Your computer likely occupies less space than it did in the past. Your office phone, which was once wired to the corner of your desk, now sits comfortably in your pocket. And you are probably working at home exclusively, or at least most of the time.
Compliance frameworks provide guidelines for effective and secure operations for content management across a company’s various repositories. They’re written as a set of controls, each of which corresponds to different settings and policies that an organization must follow in order to ensure the safety of its data.
Honeypot might remind you of Mata Hari-style spies, shocking plot twists and intriguing schemes, but in the cybersecurity context, it has a whole different meaning. Keep reading to learn what it is!
It's been a while since I've had the opportunity to take a break, come up for air, and write a blog for some of the amazing work the Splunk Threat Research team has done. We have kept busy by shipping new detections under security-content (via Splunk ES Content Update and our API). Also, we have improved the Attack Range project to allow us to test detections described as test unit files.