Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

Federated Analytics: Analyze Data Wherever It Resides for Rapid and Holistic Security Visibility

Nov 12, 2024 By John Dominguez In Splunk
Data is everywhere, sprawling across cloud, on-premises, and hybrid environments. As security practitioners, we need fast access to this data to analyze it, draw insights, and uncover potential threats. However, the sheer volume of data and complexity of threats makes it difficult to maintain visibility, detect stealthy attacks, and respond quickly to security incidents.
Read Post
graylog

Best Practices for Writing an IT Security Incident Report

Nov 8, 2024 By Jeff Darrington In Graylog
Everyone remembers that one required writing class they needed to take. If you’re like a lot of other security analysts, you assumed that your job would focus on using technology, not writing research papers. However, in today’s business environment, cyber incidents are critical business events, especially as governments and agencies create more reporting requirements.
Read Post
splunk

Unify and Automate TDIR Workflows with Splunk SOAR 6.3 and Splunk Enterprise Security 8.0

Nov 8, 2024 By John Dominguez In Splunk
Security teams are juggling 25+ different security tools that perform different actions across detection, investigation and response. Look up an IP here, send malware to a sandbox there, block an executable over there. What’s worse is that the vast majority of those actions are being performed manually. This approach is simply too slow against fast-moving attackers and malware, and it certainly isn’t sustainable.
Read Post
coralogix

The Digital Operational Resilience Act (DORA) is coming - are you ready?

Nov 7, 2024 By Andre Scott In Coralogix
As the official implementation date approaches for the Digital Operational Resilience Act (DORA) – financial institutions and their information and communication technology (ICT) service providers, across the European Union are gearing up for a significant shift in their operational landscape.
Read Post

SOAR in Seconds - Playbook Building with Natively Integrated SIEM and SOAR

Nov 1, 2024 By Splunk In Splunk
In Splunk SOAR 6.3, SOAR features now come fully integrated with Splunk Enterprise Security 8.0. In this demo, see how to easily create a Splunk SOAR playbook in the context of your SIEM workflows. Playbooks and actions are now directly integrated within the Splunk Enterprise Security analyst queue. You can run playbooks and see the results without leaving the Splunk Enterprise Security interface. Both a Splunk SOAR and Splunk Enterprise Security license is required.
View Video
splunk

Announcing the General Availability of Splunk Enterprise Security 8.0

Oct 31, 2024 By Olivia Henderson In Splunk
At.conf24 we unveiled the private preview of Splunk Enterprise Security 8.0, and the buzz was undeniable. Today, we are thrilled to announce that Splunk Enterprise Security 8.0 is now generally available! This isn’t just another release—it’s a massive leap forward that redefines and revolutionizes security operations. Splunk Enterprise Security 8.0 is the cornerstone of the SOC of the Future.
Read Post
graylog

Cross-Site Request Forgery Cheat Sheet

Oct 31, 2024 By Jeff Darrington In Graylog
“Aren’t you a little short for a Stormtrooper?” In this iconic Star Wars moment, Princess Leia lazily responds to Luke Skywalker, disguised as one of her Stormtrooper captors and using authentication information to open her cell. In other words, Star Wars acts as an analogy for a cross-site request forgery (CSRF) attack. In a CSRF attack, malicious actors use social engineering so that end-users will give them a way to “hide” in their authenticated session.
Read Post
graylog

What is a Cross-Site Scripting Attack

Oct 28, 2024 By Jeff Darrington In Graylog
Cross-site scripting attacks are the digital version of the mystery trope where people inject IV lines with hazardous material. In the murder mystery genre, these crimes often focus on someone who looks legitimate, sneaking malicious material into someone’s medicine to harm the patient. Similarly, a cross-site scripting attack is when a threat actor sneaks malicious code into someone’s application to harm end users.
Read Post
devo

Beyond Burnout: Key Takeaways from SOC Analyst Appreciation Day 2024

Oct 25, 2024 By Kayla Williams In Devo
Feeling overwhelmed by alerts? You’re not alone. At SOC Analyst Appreciation Day (SAAD) 2024, we heard from countless analysts facing the same challenges of burnout, perfectionism, and the need for mentorship. With a fantastic line-up of speakers, including John Hammond, Ron Eddings, Peter Coroneos from Cybermindz, and other security leaders, this year’s event provided valuable insights and sparked engaging discussions.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.