Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

The Imperative of Cyber Resilience: Shaping a Secure Future for Public and Private Sectors

Mar 26, 2025 By Frank Dimina In Splunk
When it comes to cyber attacks, it’s no longer a question of if but when. Threat actors aren’t discriminating between the public or private sector — each organization has valuable data, which means every organization is a viable target. In this new threat landscape, digital resilience — the ability to defend against, withstand, and recover from attacks — has become an operational imperative.
Read Post

Intro to Cisco Secure Application in Splunk AppDynamics

Mar 13, 2025 By Splunk In Splunk
Welcome to this in-depth introduction to Cisco Secure Application in Splunk AppDynamics. In this video, I’ll walk you through how Cisco Secure Application seamlessly integrates with your existing Splunk AppDynamics APM agents to provide real-time security monitoring. We’ll first review the high-level architecture of Cisco Secure Application, and then I’ll show you how to use the Cisco Secure Application dashboard to monitor the security status of applications, business transactions, libraries, vulnerabilities, attacks, and observations.
View Video

Harness Data to Prevent Fraud with Splunk and AWSSPLUNK_AWS_FRAUD_11202024 (1)

Mar 6, 2025 By Splunk In Splunk
In this webinar, you will learn about the influence of data-driven technology on fraud detection and prevention. You will discover how businesses can use AI, machine learning, and big data analytics to proactively identify hazards and monitor transactions in real time. The workshop will provide useful insights into cutting-edge solutions that improve customer security and protect sensitive information, as well as practical tactics and case studies for successfully combating fraud.
View Video
splunk

Why Security Teams Choose Splunk Enterprise Security: Three Core Benefits That Transform SecOps

Feb 28, 2025 By Olivia Henderson In Splunk
A SOC of the future is a resilient SOC that fosters a collaborative and proactive cybersecurity approach with a modern technology foundation. At the core of the SOC of the future is a unified threat detection, investigation, and response (TDIR) platform, representing the real-world requirements for how tools contribute to the SOC’s mission and strategy, providing integration and efficient process execution. The foundation for the unified TDIR platform is a modern SIEM.
Read Post
splunk

Infostealer Campaign against ISPs

Feb 28, 2025 By Splunk Threat Research Team In Splunk
The Splunk Threat Research Team has identified a campaign targeting ISP infrastructure providers on the West Coast of the United States and the country of China. This mass exploitation campaign originates from Eastern Europe and uses simple tools that abuse victim’s computer processing power to install cryptomining payloads and binaries with diverse functions such as.
Read Post
splunk

What Is a Watering Hole Attack? Detection and Prevention

Feb 25, 2025 By Muhammad Raza In Splunk
We already know that cybercriminals exploit the weakest link in your IT networks. The best defense against these exploits comes down to safeguarding the most vulnerable entry points. But what if the weakest link in your cybersecurity defense lies beyond your IT network itself?
Read Post

Access your data with Federated Analytics for Amazon Security Lake with Splunk, AWS, and Accenture

Feb 18, 2025 By Splunk In Splunk
Federated Analytics gives organizations the full power of Splunk extended to data stored in Amazon Security Lake. Trusted partners like Accenture are helping bring these new capabilities to life at organizations around the world.
View Video
splunk

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time

Feb 18, 2025 By Michael Haag In Splunk
Windows permission misconfigurations remain a common attack vector in enterprise environments. Attackers consistently leverage these misconfigurations for privilege escalation, with Security Descriptor Definition Language (SDDL) emerging as a blind spot. From LockBit's manipulation of event log permissions to RomCom's exploitation of Task Scheduler vulnerabilities (CVE-2024-49039), SDDL misconfigurations have become a prime target for sophisticated attacks.
Read Post
splunk

Autonomous Adversaries: Are Blue Teams Ready for Cyberattacks To Go Agentic?

Feb 7, 2025 By Ryan Fetterman In Splunk
2024 was a year of incredible progression for Artificial Intelligence. As large language models (LLMs) have evolved, they have become invaluable tools for enriching the capabilities of defenders – instantly providing the knowledge, procedures, opinions, visualizations, or code any given situation demands. However, these same models provide outputs that enable even low-sophistication attackers to uplift their own skill-levels.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.