The Splunk Security Research Team has been working on new improvements and additions to the Splunk Attack Range, a tool that allows security researchers and analysts to quickly deploy environments locally and in the cloud in order to replicate attacks based on attack simulation engines. This deployment attempts to replicate environments at scale, including Windows, workstation/server, domain controller, Kali Linux, Splunk server and Splunk Phantom server.

The Report Sheds Light on Data Loss Prevention Challenges and Identifies the Use Cases for Integrated DLP vs. Enterprise DLP Solutions. A recent report published by Gartner titled “How to Choose Between Enterprise DLP and Integrated DLP Approaches” (Gartner subscription required) found that “the data loss prevention market includes products with DLP capabilities integrated in security products or SaaS applications, as well as cohesive enterprise DLP suites.

When it comes to organizations incorporated and operating out of the United States, General Data Protection Regulation (GDPR) compliance can be confusing. Many people struggle to understand what exactly is the GDPR and whether it applies to all organizations. On May 25, 2018, the European Union (EU) via the European Parliament, signed into law the GDPR, to an enhance Directive 95/46/EC.

Monitoring all DNS requests in your network, including those that were blocked by (e.g., by a firewall) is a great way to increase visibility, enforce compliance and detect threats. A common problem with collecting DNS logs is that DNS server logs are notoriously hard to parse. Also, parsing only the logs of your DNS servers leaves a blind spot when it comes to usage of, or the attempt to use, an external DNS server like Google's 8.8.8.8.

In recent years, many businesses had already begun planning for a gradual shift towards an increasingly remote workforce, yet fewer had implemented a mobile-first strategy, and some were still formulating strategies. At a gradual pace, IT administrators could handle a small percentage of remote workers and saw the management features of device enrollment programs and network security measures as enough to manage a few remote devices and cyber risks.

May is here, and with it our May’s open source security snapshot, our monthly overview of the new open source security vulnerabilities published in April, to see what’s new in the ever-evolving open source security ecosystem. In order to give you all the low-down on emerging or ongoing trends, our hardworking research team analyzed all of the new open source security vulnerabilities added to the WhiteSource database.

On Monday, May 4th, **FINRA (Financial Industry Regulatory Authority), issued a warning to financial companies stating that a new email phishing campaign was doing the rounds. According to the regulator, the campaign is ongoing, widespread, and made to look as though the emails are coming from FINRA itself.