Time range lookups
Table of Contents:
00:00 - Introduction
00:07 - Concept of Time Range Lookup
00:34 - Example of Time Range Lookup
01:32 - Creating a Time Range Lookup
02:20 - Using a Time Range Lookup
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Pretty-print view
Table of Contents:
00:00 - Introduction
00:21 - Pretty-Print View: Concept
00:46 - Pretty-Print View: Visualization
01:22 - Pretty-Print-View: Extraction
Devo & Dark Reading: The Next-Gen SOC
Terry Sweeney from Dark Reading discusses the role of technologies in the next-gen SOC with Jason Mical, Global Cybersecurity Evangelist at Devo, and Kevin Golas, Director of Security Services at OpenText.
Leverage advanced analytics to secure your endpoint devices
With the new normal adding several more challenges and variables to the security layer, how do you ensure your data is safeguarded without increasing the workload or the headcount of your security team? Using advanced analytics, in tandem with endpoint monitoring applications such as ManageEngine’s Mobile Device Manager Plus and Desktop Central, will help you better visualize and analyze your endpoint data, identify patterns, and establish correlations.
How to use Kibana effectively. Today: Detect possible frauds in your data
Kibana is quite powerful and versatile for visualizing data in Elasticsearch. The Elastic Stack can be used for a variety of use cases. One is the detection of frauds e.g. in Banking transaction like within Softbank Payment Service or bonus point accounts like within Miles and More. Other areas are insurance or tax return data.
A Checklist for Effective Threat Hunting Tools
Threat hunting is one of the most critical activities performed by SOC teams. Once an alert triggers and a tier-1 analyst assesses it and sends it up the line for further evaluation by a more senior analyst, the race is on. Hunting down the threat as quickly as possible, before it can wreak havoc on the organization, becomes the top priority.
Profiling "VIP Accounts" Part 2
In this post, we continue our discussion of use cases involving account take over and credential access in enterprise data sets. In the first part of this series, we introduced the definition of a VIP account as any account that has privileged or root level access to systems/services. These VIP accounts are important to monitor for changes in behavior, particularly because they have critical access to key parts of the enterprise.
Splunk Attack Range Now With Caldera and Kali Linux
The Splunk Security Research Team has been working on new improvements and additions to the Splunk Attack Range, a tool that allows security researchers and analysts to quickly deploy environments locally and in the cloud in order to replicate attacks based on attack simulation engines. This deployment attempts to replicate environments at scale, including Windows, workstation/server, domain controller, Kali Linux, Splunk server and Splunk Phantom server.
COVID-19 Guide for Security Professionals
What a world! In February, everyone was busy minding their own business, but since March, the entire globe suddenly focused on the same challenge. The COVID-19 pandemic has taken our businesses and private lives by storm. The outbreak surprised everyone - a surprise hardly any business was prepared for. It brought country-wide lockdowns for quarantine, office closures and enforced teleworking, which are now commonplace.
Devo Query Lookups
How to use existing data to create query tables and their modalities