Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Authentication and authorization are two processes that play a significant role in any web application. These concepts ensure that only trusted individuals are granted access to the resources of the application. Plus, with all the web applications and services we use regularly, it is increasingly difficult to manage credentials for multiple user accounts. SAML technology provides a means for securely logging into multiple applications using a single set of credentials.

Picture yourself as a cyber detective, ready to uncover the hidden threats lurking in the shadows of your organization's network. Sounds exciting, right? Well, hypothesis-driven hunting is all about channeling your inner Hercule Poirot to stay one step ahead of adversaries working against you. The PEAK threat hunting framework identifies three primary types of hunts: In this post, we’re going to look at hypothesis-driven hunting in detail.

Password spraying is a cyber threat that exploits weak passwords in order to easily compromise user accounts. That means it is critical to enforce strict access controls when authenticating users into a system. This article provides an overview of password spraying attacks, including how they work and a few real-world examples of these attacks. I’ll also look at how these attacks impact businesses, along with mechanisms to detect and prevent them.

Co-author: Matthias Maier, Product Marketing Director at Splunk. With increasing focus on implementing security standards within the digital supply chain, national and industry-specific certifications have become increasingly important. Today, we are excited to announce that Splunk Services Germany GmbH has become a TISAX participant. The alignment with TISAX requirements demonstrates Splunk’s continued commitment to support the heightened security expectations in the automotive industry.

In our last RBA blog post, we talked about some of the problems RBA can help solve. In this post, we explain the methodology we use with Splunk customers as their security teams start working with RBA. In working with our customers, the Splunk Superstar RBA Braintrust has developed a powerful methodology to kickstart your RBA implementation. From first moves to production, these four levels take you step-by-step through the process of successfully getting RBA up and running.

Security professionals have become all too familiar with the threat posed by phishing. Whether it’s a convincing looking email asking an employee to click a link to update their login credentials or a surprise text from the CEO asking them to send over gift card codes for a customer, phishing attacks have only continued to grow over the years. For 2023 alone, 33 million data records are expected to be compromised due to phishing attacks.

There are about 90 DNS resource record types (RR) of which many of them are obsolete today. Of the RR’s used, DNS TXT record offers the most flexibility in content by allowing user defined text. The TXT record initially designed to hold descriptive text (RFC 1035) is widely used for email verification, spam prevention and domain ownership verification.