San Francisco, CA, USA
Nov 28, 2022   |  By David Holiday
“People tell you who they are, but we ignore it, because we want them to be who we want them to be.” - Don Draper. Earlier this year we announced some security enhancements to how we handle submissions to Splunkbase. The simple statement is we are making things faster/cheaper/better where Splunkbase security is concerned. Faster in that it takes less time for a developer to get an app into our platform. Cheaper in that it’s more automated.
Nov 22, 2022   |  By Stephen Watts
With the high rate of cyberattacks today, the role of a chief information security officer (CISO) has become more important — and much more visible. Businesses have been forced to invest in guarding their infrastructures, networks and sensitive data. This blog post will take a look at the basics of a CISO, as well as the CISO's main tasks and responsibilities.
Nov 21, 2022   |  By Chrissy Kidd
A major subset of overall cybersecurity, Information Security focuses on protecting sensitive data and information from the risks of cyberattacks. It covers but is not limited to: The fundamental goal of information security is to prevent sensitive data from being compromised by criminals or state actors. InfoSec encompasses a wide range of tasks and practices, spanning from monitoring user behavior to assessing risk to ongoing education.
Nov 21, 2022   |  By Dane Disimino
This past June I presented a .conf22 session called “A Beginner’s Guide to SOAR: Automating the Basics” to address perceptions about SOAR adoption among security practitioners. This was my first in-person presentation to a live audience in several years because of the pandemic and I was encouraged to find that the session was among the highest attended at the event with well over 200 attendees in the room.
Nov 17, 2022   |  By Shannon Davis
I originally planned to write this story as a follow-up to another blog that SURGe released for CVE-2022-3602 and CVE-2022-3786 (aka SpookySSL). That blog mentions that we weren’t able to test with any malicious payloads yet, and as things go… After releasing that blog, we came across proof-of-concept exploits that weren’t detected by our searches.
Nov 17, 2022   |  By Nimish Doshi
All companies want to protect their reputation as any mishandling of it, either self-inflicted or via outside forces, can have a devastating impact. Mitigating reputational issues involves mitigating the risk that leads to them.
Nov 16, 2022   |  By Splunk Threat Research Team
Agent Tesla is a remote access trojan (RAT) written for the .NET framework that has knowingly been in operation since 2014. Threat actors behind this malware have leveraged many different methods to deliver their payload over time including macro enabled Word documents, Microsoft Office vulnerabilities, OLE objects and most recently, compiled HTML help files.
Nov 14, 2022   |  By Stephen Watts
We live in a world of rapid technological advancements. Technologies such as big data, the internet of things (IoT) and artificial intelligence have created a world full of opportunities and solutions. However, they have also opened doors to increased threats, cyberattacks and network vulnerabilities. This post will explain network security, including relevant concepts and issues, as well as best practices that can help your organization secure all your networks and surfaces.
Nov 11, 2022   |  By Chrissy Kidd
Sometimes referred to as CKC or the cyberattack lifecycle, the cyber kill chain is a security defense model developed to identify and stop sophisticated cyberattacks before they impact an organization. Typically comprised of seven steps, a cyber kill chain model breaks down the multiple stages of a cyberattack, allowing security teams to recognize, intercept or prevent them.
Nov 4, 2022   |  By Stephen Watts
As available software on the market increases, so do vulnerabilities. When a company's system is weak due to vulnerabilities in the software it uses, attackers take advantage of the situation to: This, in turn, causes the company to lose customers, reputation and money. To reduce threats, network personnel and system administrators are always on the front line, constantly patching the organization's software and operating systems. But to what end?
Nov 28, 2022   |  By Splunk
Watch this fireside chat to find out what NIS2 is and what the new obligations are under this new EU directive. We'll talk about why it should be taken more seriously and how Splunk can help organisations comply with incoming regulations. Our Splunk Experts: Clara Lemaire, Director for European Government Affairs; Kirsty Paine, EMEA Strategic Adviso; Matthias Maier, Product Marketing Director
Nov 16, 2022   |  By Splunk
Ever wondered how to find bad actors using only browser data? Attend this session to get a deeper understanding of the integration between Google Chrome and Splunk. See how to ingest data, and use it for threat hunting and adversarial identification. Speaker: James Young - Staff Security Strategist
Nov 8, 2022   |  By Splunk
Oct 19, 2022   |  By Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge to share their take on the issue of victim-blaming for phishing attacks. The episode ends with a deep dive on cyber threats ahead of the U.S. midterm elections on Nov. 8.
Oct 15, 2022   |  By Splunk
A 30-second overview describing a SIEM and its function.
Oct 11, 2022   |  By Splunk
In this 60 second charity challenge benefitting Operation BBQ Relief, Mick, Ryan, and Audra explain their top takeaways for Cybersecurity Awareness Month.
Oct 6, 2022   |  By Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick, Ryan, and Audra also competed in a 60 second charity challenge to name their top takeaway from Cybersecurity Awareness Month.
Sep 28, 2022   |  By Splunk
Grab a cup of coffee and join Audra Streetman and special guests David Bianco and Haylee Mills for another episode of Coffee Talk with SURGe. The trio will discuss the latest cybersecurity news, including: Haylee and David competed in a 60 second charity challenge to explain the concept of domain shadowing. The team also discussed the Uber hack as it relates to general security practices at companies.
Sep 27, 2022   |  By Splunk
In this 60 second charity challenge benefiting Girls Who Code Inc., special guests David Bianco and Haylee Mills explain the concept of domain shadowing, a form of DNS hijacking, and why it's difficult to detect.
Aug 31, 2022   |  By Splunk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news including: Mick and Ryan competed in a 60 second charity challenge to explain why they think password managers are still your best option for password security. The team also discussed data privacy after the FTC announced it is suing a data broker for selling geolocation data. Meanwhile, the FCC is launching an investigation into mobile carriers' geolocation data practices.
Oct 21, 2018   |  By Splunk
The hype around artificial intelligence (AI) and machine learning (ML) has exploded, sometimes overshadowing the real uses and innovations happening every day at organizations across the globe. The reality is that applying AI and ML to data-dependent challenges presents opportunity for better security, faster innovation and overall improved efficiency.
Jun 1, 2018   |  By Splunk
Do you have a plan for cybersecurity? Digital technology is touching every aspect of our lives, which is giving bad actors unlimited runway to create new threats daily. It's this atmosphere that makes it imperative that organizations are prepared, informed and actively hunting for adversaries.
Jun 1, 2018   |  By Splunk
Cyberattacks are top of mind for organizations across the globe. In fact, 62 percent of firms are being attacked at least weekly and 45 percent are experiencing a rise in the number of security threats. But do organizations have the processes in place to investigate and effectively respond to these incidents? IDC recently surveyed security decision makers at 600 organizations to understand the state of security operations today.
May 25, 2018   |  By Splunk
How can you utilize machine data to be prepared for the General Data Protection Regulation of the European Union?
Apr 1, 2018   |  By Splunk
A security information event management (SIEM) solution is like a radar system that pilots and air traffic controllers use. Without one, enterprise IT is flying blind. Although security appliances and system software are good at catching and logging isolated attacks and anomalous behavior, today's most serious threats are distributed, acting in concert across multiple systems and using advanced evasion techniques to avoid detection.
Apr 1, 2018   |  By Splunk
Security incidents can happen without warning and they often go undetected for long periods of time. Organizations struggle to identify incidents because they often work in silos or because the volume of alerts is overwhelming, making it hard to pick out the signals among the noise.
Mar 1, 2018   |  By Splunk
All data is security relevant and defending against threats involves every department in a company. With cyberthreats and bad actors constantly evolving, it is imperative for everyone in an organization to come together to identify and protect critical data.
Feb 1, 2018   |  By Splunk
Recent cyberattacks have made it clear that organizations of all sizes need to focus on a holistic and cohesive security strategy. Security operations centers (SOCs) have become a focal point in this effort, consolidating the right people, processes and technology to mitigate and remediate attacks.
Jan 1, 2018   |  By Splunk
Current IT security tools and mindsets are no longer adequate to meet the scope and complexity of today's threats. Internet security has evolved over the last ten years but advanced persistent threats and the sophistication of the malware have fundamentally changed the way security teams must think about these new threats and the tools used for detective controls.

Splunk produces software for searching, monitoring, and analyzing machine-generated big data, via a Web-style interface.

Splunk turns machine data into answers. Regardless of your organization’s size and industry, Splunk can give you the answers you need to solve your toughest IT, security and business challenges—with the option to deploy on-premises, in the cloud or via a hybrid approach.

Work the Way Your Data Works:

  • Real-Time: Splunk gives you the real-time answers you need to meet customer expectations and business goals.
  • Machine Data: Use Splunk to connect your machine data and gain insights into opportunities and risks for your business.
  • Scale: Splunk scales to meet modern data needs — embrace the complexity, get the answers.
  • AI and Machine Learning: Leverage artificial intelligence (AI) powered by machine learning for actionable and predictive insights.

Any Question. Any Data. One Splunk.