
Splunk

Secure AI System Development

Scientific progress in AI and downstream innovation to solve concrete real-world problems is part of a greater movement toward inventing Artificial General Intelligence (AGI). Broadly speaking, AGI is defined as an intelligent agent that can emulate and surpass human intelligence. Today, we are already familiar with incomplete forms of AGI: Despite these promising innovations moving from the scientific domain to consumer marketplaces, we are still far from achieving AGI.

Data Breach Defined & Ways To Prevent One in 2024

Data breaches are on the rise. Every day, we see news articles like these: "Major Data Breach Hits ABC Corporation: Millions of User Records Compromised". "GHI Retail's Customer Data Exposed: A Wake-Up Call for E-commerce Security". "LMN Health's Patient Information Compromised: Largest Data Breach in Healthcare History".

Ghost in the Web Shell: Introducing ShellSweep

In the cyber realm, where digital defense and offense are an ongoing game of cat and mouse, one of the most potent weapons in an attacker's arsenal is the web shell. It is a seemingly innocuous piece of code that, once embedded in a server, allows an attacker to maintain their access and control. The hidden danger of web shells is their stealthiness and versatility, making them a challenging threat to uncover and neutralize.

Endpoints and Endpoint Detection: Importance & Risk Mapping

“Secure the endpoints!” This battle cry can sound like a meme, sure, but it also highlights arguably the most important part of modern cybersecurity today: are we securing the endpoints? A compromised network is likely to leave traces of anomalous and unauthorized activities that originate from network endpoints.

Continuous Threat Exposure Management (CTEM)

As businesses transform digitally, cyber threats are evolving faster. The takeaway isn’t that threats are more sophisticated: it’s that traditional, reactive vulnerability management solutions are rarely effective. Continuous threat exposure management is a process that can effectively address this problem.

Hunting M365 Invaders: Blue Team's Guide to Initial Access Vectors

Microsoft 365 (formerly Office 365) is Microsoft's cloud-based suite of productivity tools, which includes email, collaboration platforms, and office applications. All are integrated with Entra ID (referred to as Azure AD in this post) for identity and access management. M365’s centralized storage of organizational data, combined with its ubiquity and widespread adoption, makes it a common target of threat actors.

Google Dorking: An Introduction for Cybersecurity Professionals

Google Dorking, also known as Google Hacking, is a technique using sophisticated search queries to uncover information on the internet not easily accessible through typical search queries. It leverages the capabilities of Google’s search algorithms to locate specific text strings within search results.

Find the Unusual with the Splunk App for Behavioral Profiling 2.0

There are times when being unusual is a good thing - unconventional thinking can lead to innovation in industry, science and culture, enabling everyone from businesses to artists to stand out from the pack. The Splunk App for Behavioral Profiling (SABP) helps users tackle the other kind of unusual - the bad kind.

Cybersecurity Skills for Pros To Have in 2024

So, you’re interested in cybersecurity! That’s great, because the whole world needs more skilled security professionals. Cybersecurity is the massive practice of “protecting computer and network systems against intrusion, theft or damage. It’s the main line of defense against a vast number of digital adversaries.” The consequences of bad cybersecurity are disastrous, potentially resulting in losses in the millions of dollars.

OT Security Is Different, Isn't IT?

In 2010, suddenly everyone was talking about OT security. Stuxnet had arrived. In 2021, the Colonial Pipeline hack increased the attention on the security of operational technology again. Since then, we have encountered numerous incidents, and the risk of breaches within the OT environment has increased significantly. But why is OT security a separate ‘thing’ in security? What is the difference between OT and IT in the cyber security field?