Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Reduce Operational Complexity with Splunk SOAR Logic Loops

Last week, we released Splunk SOAR 6.2 (Security Orchestration Automation and Response) and in the accompanying announcement blog, we highlighted some of the new key features found in this release. Today, we want to take a more in-depth look at one of those features, logic loops, and show how they make it easier than ever for security engineers and analysts to save time and cut down on repetitive manual tasks.

Adding Multiple Watermarks to Protect IP in Microsoft Office Documents

Protecting intellectual property (IP) and trade secrets is critical to a company’s bottom line. Keeping IP and sensitive business-critical information within the confines of the company and its employees is not always possible, especially in the manufacturing industry. Vendors must often share previews of new products with retailers and distribution partners before release.

Cyber Attacks and Data Breaches Cited as the Number One Business Risk for Organizations

Even when looking at the various kinds of risks to business, cyber attacks still remain the biggest problem. But new data shows there may be a lesson to be learned to minimize losses. In Aon’s Global Risk Management Survey, nearly 3,000 organizations across 61 countries were asked about sources of business risk. In the report, “Cyber Attack/Data Breach” was the #1 current risk and #1 future risk seen by organizations.

Leveraging OpenAPI as a Core Element of API and Application Security

An application’s attack surface is the sum of all the areas of an application which could be attacked by malicious attackers. This includes the application’s APIs, the underlying code, supporting infrastructure, and any other components which could be compromised. The goal for any organization is to reduce the attack surface area by discovering and minimizing potential vulnerabilities.

How to Seize FSMO Roles

Shifting a Flexible Single Master Operations (FSMO) role from one domain controller (DC) to another is normally done through a role transfer operation. But if the DC that holds an FSMO role experiences a serious failure that takes it out of service, you must instead seize its FSMO roles and reassign them to a functioning DC. For example, you need to seize an FSMO role if the current role holder: Important: After you seize an FSMO role from a DC, ensure that it is never reconnected to the network.

Unlock the Power of Your SIEM with Co-Managed SOC

Security information and event management (SIEM) systems play a pivotal role in cybersecurity: they offer a unified solution for gathering and assessing alerts from a plethora of security tools, network structures, and software applications. Yet, the mere presence of a SIEM isn't a magic bullet. For optimal functionality, SIEM systems must be appropriately set up, governed, and supervised round-the-clock.

Strengthening Cybersecurity Resilience: Key Insights from the 2023 ISC2 Cybersecurity Workforce Study

In the fast-paced world of cybersecurity, the recently released 2023 ISC2 Cybersecurity Workforce Study paints a bright future for the industry, although significant obstacles remain, including a workforce and skills gap. Conducted by ISC2, the leading nonprofit member organization for cybersecurity professionals, this study examines critical aspects of the cybersecurity landscape.

Phishing Defense: Train Often to Avoid the Bait

Surveys, unfortunately, show that the vast majority of organizations do little to no security awareness training. The average organization, if it does security awareness training, does it once annually, likely as part of a compliance program. It is not enough. We know from customer data collected, involving many tens of millions of records, over 10 years, that the more frequently an organization does training and simulated phishing, the better able their staff is to spot phishing attacks.

Nearly Every CIO Identifies at Least One Cyber Threat as a Risk to their Business

When 97% of CIOs all see things the same way, it’s probably a sign to take the risk of cyber threats seriously – a problem new data shows is only going to get worse in the next five years. I cover a ton of reports from cybersecurity vendors on our blog, but when you see a network infrastructure vendor put out a report with the intent of just covering the challenges organizations are facing, and they have some interesting data on cybersecurity, it gets my attention.

Tines vs Python: Understanding alternative approaches to automation

We're sometimes asked, "Can you run Bash or Python scripts natively in Tines?" and today, we're sharing the answer, and weighing in on the debate between full-code, low-code and no-code automation. The short answer is yes, you can run scripts and Linux commands natively in Tines; however, you might not necessarily want to. Many of our customers avoid doing so for security, usability and performance reasons. Let's take a closer look at some of these potential pitfalls.