Following our February announcement that Devo has been designated as FedRAMP “In-Process,” I’m excited to report that our public sector momentum continues in other key areas. Here are some recent highlights: All of this momentum and growth is an affirmation of the excellence of the Devo Platform and the exceptional quality of our success services to support them. And it also demonstrates Devo’s long-term commitment to serving our customers and partners in the public sector.

The Splunk Threat Research Team has addressed a new malicious payload named AcidRain. This payload, deployed in the ongoing conflict zone of Eastern Europe, is designed to wipe modem or router devices (CPEs).

The Splunk Threat Research Team (STRT) has been heads-down attempting to understand, simulate, and detect the Spring4Shell attack vector. This post shares detection opportunities STRT found in different stages of successful Spring4Shell exploitation. At the time of writing, there are two publicly known CVEs: CVE-2022-22963, and CVE-2022-22965. The Splunk Security Content below is designed to cover exploitation attempts across both CVEs.

Log analysis and security incident and event management (SIEM) tools have become staples of enterprise cyber resilience programs. For vigilant organizations, having infrastructure visibility into the transactions occurring behind the scenes is instrumental to maintaining a strong security posture. Splunk and SumoLogic are two leading platforms that serve this critical purpose—let’s revisit them again to see how their current offerings stack up.