Splunk

Play Now with BOTS Partner Experiences: Corelight

Nov 9, 2021 By John Stoner In Splunk

In December 2019, a small team met at the Splunk office in Boulder to figure out how we could provide a 24x7x365 experience for Boss of the SOC (BOTS). As we started brainstorming, this broadened to include workshops to provide an opportunity to learn in addition to a place to play.

Read Post

Splunk

Read more about Play Now with BOTS Partner Experiences: Corelight

Enhance Your Security Posture with Splunk + Google Workspace

Nov 9, 2021 By Mark Karlstrand In Splunk

Business productivity and collaboration suites preferred by enterprise customers, such as Google Workspace, are central to an organization’s operation. In addition to storing sensitive org info, Google Workspace includes settings (e.g. Google Groups) which control access to sensitive data across a customer's entire Google Cloud org (Workspace & GCP).

Read Post

Splunk

Read more about Enhance Your Security Posture with Splunk + Google Workspace

Congress Should Support Cybersecurity Through Log Standardization Funding

Nov 9, 2021 By Tim Frank In Splunk

In late August, the Office of Management and Budget (OMB) issued an implementation memo regarding Section 8 of the administration’s cybersecurity executive order, which focused on security through data log management.

Read Post

Splunk

Read more about Congress Should Support Cybersecurity Through Log Standardization Funding

Detecting IcedID... Could It Be A Trickbot Copycat?

Nov 4, 2021 By Splunk Threat Research Team In Splunk

IcedID is a banking trojan, it is designed to be stealthy and built to collect financial information. IcedID harvests user credentials and banking sessions to commit financial crimes, including carding, money laundering, and transferring of funds to foreign financial institutions. In recent research published by Splunk Threat Research Team (STRT) the inclusion of cryptocurrency exchange information was also included by Trickbot in the web inject code.

Read Post

Splunk

Read more about Detecting IcedID... Could It Be A Trickbot Copycat?

CISA's Known Exploited Vulnerabilities Catalog and Splunk

Nov 3, 2021 By Marcus LaFerrera In Splunk

TL;DR: Accompanying today’s announcement from CISA (BOD 22-01) and their new Known Exploited Vulnerabilities Catalog, SURGe and Splunk Threat Research Team (STRT) have coordinated to add functionality into Enterprise Security Content Updates (ESCU). This added functionality will help network defenders understand vulnerability context alongside relevant ESCU detections.

Read Post

Splunk

Read more about CISA's Known Exploited Vulnerabilities Catalog and Splunk

Adaptable Incident Response with Splunk Phantom Modular Workbooks

Nov 1, 2021 By Splunk In Splunk

Tune in to this Tech Talk to learn how Phantom can dynamically add tasks to your workbooks, understand why workbooks might need to adapt during investigations, and see modular workbook development in action and utilize these examples in your organization.

View Video

Splunk

Read more about Adaptable Incident Response with Splunk Phantom Modular Workbooks

Identify and address security event logging gaps with Splunk UBA

Nov 1, 2021 By Splunk In Splunk

Tune in to this Tech Talk to learn about how Splunk UBA allows you to identify blind spots in security event logging, troubleshoot logging right at the source and find advanced detections with available data sources.

View Video

Splunk

Read more about Identify and address security event logging gaps with Splunk UBA

7 Tips To Boost Performance of Your Splunk Enterprise Security Operations

Nov 1, 2021 By Splunk In Splunk

Tune in to this Tech Talk to learn how to optimize CPU and Memory usage to achieve considerable costs savings, how the built-in monitoring console and Enterprise Security auditing page can provide better visibility into how your SIEM is performing, and how to empower your team with bottleneck root cause analysis and performance tuning skills to scale your ES operations.

View Video

Splunk

Read more about 7 Tips To Boost Performance of Your Splunk Enterprise Security Operations

Risk-Based Alerting & Enterprise Security

Nov 1, 2021 By Splunk In Splunk

Tune in to this Tech Talk to learn how to improve true positive rates, detect complex threats faster, and streamline investigations with richer context.

View Video

Splunk

Read more about Risk-Based Alerting & Enterprise Security

RBA Investigations at Machine Speed with Splunk Phantom

Nov 1, 2021 By Splunk In Splunk

Tune in to this Tech Talk to learn how to incorporate threat indicators to your RBA strategy, build an extensible Phantom playbook framework for new use-cases, and automate analyst information gathering steps.

View Video

Splunk

Read more about RBA Investigations at Machine Speed with Splunk Phantom

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk

Play Now with BOTS Partner Experiences: Corelight

Enhance Your Security Posture with Splunk + Google Workspace

Congress Should Support Cybersecurity Through Log Standardization Funding

Detecting IcedID... Could It Be A Trickbot Copycat?

CISA's Known Exploited Vulnerabilities Catalog and Splunk

Adaptable Incident Response with Splunk Phantom Modular Workbooks

Identify and address security event logging gaps with Splunk UBA

7 Tips To Boost Performance of Your Splunk Enterprise Security Operations

Risk-Based Alerting & Enterprise Security

RBA Investigations at Machine Speed with Splunk Phantom

Monthly Archive

Follow Us