A top challenge faced by security practitioners is double-edged: you’re trying to keep up with new and increasing cyberattacks — all while investigating and remediating existing threats. As we know all too well, time is of the essence when you’re investigating threats and determining the scope and root-cause of a potential breach. On top of that pressure, you’re likely short on resources and experienced personnel, limiting your ability to conduct thorough investigations.

When most people think of threat hunting, they think of uncovering unknown threats. Would you believe me if I told you that is only ONE of many (better) reasons to show value with threat hunting? The PEAK Threat Hunting Framework incorporates three distinct hunt types: hypothesis-driven, baseline and model-assisted threat hunts. Each hunt type follows a three-stage process: Prepare, Execute, and Act.

Digital transformation is happening. Organizations around the globe have realized that if they do not rapidly digitize their business operations and processes, they will be left behind — unable to compete, grow, and thrive. As such, organizations are developing and deploying new applications and services to fuel this evolution.

What is “quantum”, really? The emperor's new (quantum) clothes: cutting through the quantum hype It’s hard to move in security circles today without hearing someone pontificating about “quantum”. Maybe you keep hearing how all cryptography and security of the internet will be devastated by a quantum computer.

As we approach the end of the federal government fiscal year, it's a good time to review the legislative and policy landscape. Several updates and changes have recently arrived or are already in motion regarding cloud security and data resilience.

While security teams may “run on Dunkin’,” companies run on applications. From Salesforce and Hubspot to ServiceNow and Jira, your organization relies on a complex, interconnected application ecosystem. In 2022, organizations used an average of 130 Software-as-a-Service (SaaS) applications. While these technologies enabled them to reduce costs and achieve revenue targets, they created new security risks.

One of the most challenging aspects of running an effective Security Operations Center is how to account for the high volume of notable events that ultimately do not present a risk to the business. Some examples of non-risky notable events include a user forgetting their password and submitting it erroneously multiple times in a row, or a user accessing a system (for a completely valid reason) at an odd hour outside of their normal behavior.

Ensuring application security is not just about protecting data. It’s about safeguarding your company's reputation, keeping customer trust, and adhering to increasingly stringent regulatory requirements. Read on as we delve into application security requirements: the pressing security threats impacting applications, the critical security requirements your application needs to meet, and the best practices to adopt to achieve robust application security.

Today, we are going to look at using the Splunk Stream App to hunt for threats across your network. Sing along with us! 🎼 “Islands in the stream” of our data… (Part of our Threat Hunting with Splunk series, this article was originally written by John Stoner. We’ve updated it recently to maximize your value.)