Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Logging

M-21-31 logging compliance: Overcoming the 3 top challenges

How US federal agencies can better meet advanced event logging requirements Recently, the US Government Accountability Office (GAO) released a study tracking US federal agencies’ progress on meeting the requirements set out in OMB M-21-31. Released in 2021, the Office of Management and Budget (OMB)’s M-21-31 memorandum provided guidance and requirements for federal agencies in order to improve centralized visibility into logging data before, during, and after cybersecurity incidents.

SSL/TLS Web Security Certificates & Protocols

Have you ever wondered about the tiny padlock icon in your browser and why it's there? This little padlock icon, along with the "https" in the URL, signifies that your connection to the website you're on is secure and encrypted using SSL/TLS protocols. It's a symbol that represents the security of all types of information transferred to and from your website — not just for ecommerce transactions.

Introducing Our New SOAR Integrations: Why Panorama and FortiManager Users Should Be Excited

Hello there, cybersecurity aficionados! We're thrilled to unveil our latest and greatest Splunk SOAR apps, tailored for the giants of the firewall space: Panorama and FortiManager. These sophisticated apps help us deliver the most compelling automation for our community, no matter the tools they have deployed. Much like our playbooks packs from earlier this year, these integrations are another great way for users to align their incident response approach to MITRE D3FEND.

Devo Exchange - MITRE ATT&CK content packs & alerts

With the ever-increasing need for strong threat detection and management activities, more and more organizations are incorporating the MITRE ATT&CK framework into their incident investigation systems. Devo Exchange provides a plethora of MITRE content, and replicates the MITRE ATTA&K Matrix and its comprehensive list of tactics and techniques.

SOC Models: In-House, Out-Sourced, or Hybrid SOC?

There’s no single perfect, one-size-fits-all SOC model. Leaders are still unsure whether to bring the SOC in-house, get it outsourced, or do a mix of these two approaches (the so-called hybrid SOC). How do you choose? Investing now in the right model (with adaptability and portability as key considerations) might not be glamorous, but it will set you up for success in the future.

Data Privacy: The Ultimate Guide

Today, data privacy is the new strategic priority for many companies. Prioritizing data privacy boils down to two key drivers: Indeed, the awareness piece has grown significantly, both leading to and because of stringent data privacy regulations, including GDPR and CCPA, the California Consumer Privacy Act. (First time on Splunk.com? You might see a pop-up banner specifically for you to opt in or out.) So, let’s take a look at the concept of data privacy and what’s behind it.

Software Liability Explained

Software liability is an increasingly important area for every software development company and team. At its core, software liability is about protecting users from damages caused by software issues. As more software is in use than ever before, there’s a lot of ways that software — and its manufacturers — could be held responsible for certain actions or inactions. Indeed, even the rise of cyber insecurity globally could fall into this murky area.