Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

Splunk SOAR Playbooks: Azure New User Census

Hafnium is the latest cyberattack that utilizes a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched). Learn how you can use Splunk Phantom to automate account monitoring to ensure that threat actors are not exploiting vulnerabilities to access sensitive information through authenticated accounts.

Splunk SOAR Playbooks: Crowdstrike Malware Triage

The combination of Crowdstrike and Splunk Phantom together allows for a more smooth operational flow from detecting endpoint security alerts to operationalizing threat intelligence and automatically taking the first few response steps – all in a matter of seconds. In this video, distinguished Phantom engineer Philip Royer will walk you through an out-of-the-box playbook that you can set up in Phantom to triage malware detections from Crowdstrike and automate a variety of responses based on an informed decision by an analyst.

Dear CISO

As security practitioners, we all have things we want to be able to tell our CISO’s. We need to tell them we need more money, more headcount, we need to be able to tell them their baby (security program) is ugly. Everyone wants the ear of a CISO for the dollars they control. We just want their ear to help them understand what’s really going on in the industry and in their organization.

I Wish Someone Had Squished That Phish

It’s long since been established that it’s not if a breach will occur in your enterprise, it’s when. Are you prepared for that response? As Dave Kennedy, CEO of TrustedSec once asked a Brrcon audience, “If all you had was Sysmon, could you still do a successful IR?” Best practices are only best if you actually practice them. Along with Robert Wagner, Staff Security Specialist at Splunk, we’ll talk about ways to get your teams to their fighting weight when the bad guys sneak in through the basement.