Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk

splunk

Defense Department's Multi-Cloud Cloud Strategy: A Role for SIEM

Sep 2, 2022 By Tim Frank In Splunk

It’s difficult to recall a time over the last ten years when cloud requirements were not at the forefront of the Defense Department’s modernization efforts. Cloud capability reviews and requirements, in some form, extend from the Pentagon’s net-centricy efforts — to the Joint Information Environment, Digital Modernization, and up through to today.

Read Post

Coffee Talk with SURGe: Twitter Whistleblower, Roasting Oktapus, Montenegro Cyberattack

Aug 31, 2022 By Splunk In Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news including: Mick and Ryan competed in a 60 second charity challenge to explain why they think password managers are still your best option for password security. The team also discussed data privacy after the FTC announced it is suing a data broker for selling geolocation data. Meanwhile, the FCC is launching an investigation into mobile carriers' geolocation data practices.
View Video
splunk

Harmonizing the Federal Effort on Automating Software Bill of Materials

Aug 29, 2022 By Kosta Kalpos In Splunk

When the Biden administration released Executive Order 14028, “Improving the Nation's Cybersecurity”, it included guidance to enhance the security of the nation’s software supply chain. As a result, key building blocks are being developed to both strengthen software security and bolster software Supply Chain Risk Management (SCRM) programs across the Federal government.

Read Post

Introduction to Splunk Common Information Model

Aug 25, 2022 By Splunk In Splunk
Security and IT analysts need to be able to find threats and issues without having to write complex search queries. The Splunk Common Information Model (CIM) delivers a common lexicon of field names and event types across different vendor data sources making them consistent so that analysts can write clearer queries and get better results with more true positives and fewer false positives.
View Video
splunk

AppLocker Rules as Defense Evasion: Complete Analysis

Aug 25, 2022 By Splunk Threat Research Team In Splunk

Microsoft continues to develop, update and improve features to monitor and prevent the execution of malicious code on the Windows opearting system. One of these features is AppLocker. This feature advances the functionality of software restriction policies and enables administrators to create rules to allow or deny applications from running based on their unique identities (e.g., files) and to specify which users or groups can run those applications.

Read Post
splunk

Introducing the Ransomware Content Browser

Aug 22, 2022 By Johan Bjerke In Splunk

Splunk SURGe recently released a whitepaper, blog and video that outline the encryption speeds of 10 different ransomware families. The outcome of this research was that it is unlikely that a defender will be able to do anything once the encryption has started. Ransomware today is also mostly “human-operated” where many systems are sought out and compromised before any encryption activities occur and, once they do, the encryption is just too fast to meaningfully affect the damage done.

Read Post

Coffee Talk with SURGe: Signal Numbers Exposed, FTC Data Privacy Rules, Conti Ransomware, E2EE

Aug 17, 2022 By Splunk In Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. This week they discussed Signal's response to the Twilio breach, the FTC's effort to create new data privacy rules, and a $10 million reward for information about a suspected Conti ransomware operator.
View Video
splunk

Using Threat Intelligence To Advance Your Security Posture

Aug 11, 2022 By Stephen Watts In Splunk

People often ask me, “What’s the purpose of cybersecurity?” I tell them that it serves to protect the valuable, intangible data assets of firms or private individuals, usually by trying to shrink the attack surface. One way to achieve cybersecurity is to utilize threat intelligence research in your firm’s security plan. In this article, I will discuss the benefits of understanding and implementing a threat intelligence program.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.