EDR, DFIR and Endpoint Triage with Brian Carrier

Brian Carrier, CEO of Sleuth Kit Labs, joined Defender Fridays to discuss EDR, DFIR and Endpoint Triage. We explored how SOCs can effectively investigate endpoints after alerts to decide whether to wipe them or call an IR team. Brian covered leveraging EDR data and additional forensic artifacts for better Endpoint Triage, helping teams cut through the overwhelming amount of information to make informed response decisions.

The Heightened Threat of Iranian Cyber Attacks: How to Understand the Risk and Enhance Resilience

The physical conflict involving Iran that has played out in the Middle East over the last several days is expected to increasingly spill over into the cyber realm. According to the Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency (CISA), and other cybersecurity experts, organizations in the US should begin preparing for increased cyber attacks from pro-Iranian hacktivists and Iranian government-affiliated actors in the coming days and weeks.

Splunk Named a Leader in The Forrester Wave: Security Analytics Platforms, Q2 2025

We’re honored to share that Splunk has been named a Leader in The Forrester Wave: Security Analytics Platforms, Q2 2025. Splunk is committed to powering the SOC of the Future by providing a unified threat detection, investigation, and response (TDIR) experience — no matter their deployment requirements.

Introducing the AI Agent action

Today, we’re announcing a way to build and deploy agents in Tines through our AI Agent action. In the AI market, AI agents suddenly seem to be everywhere – software that can autonomously think and perform tasks on behalf of the user. But we’re still very early in the adoption curve of agents. One thing we’ve noticed is that most solutions can’t handle the varying complexities of mission-critical workflows.

The User Risk Puzzle: Why Your Security Tools Don't Add Up

As a security leader, you face an inevitable daily reality: a flood of alerts pouring in from dozens of different tools. Risky sign-ins are flagged in Microsoft 365, weak passwords are pinged from a vault audit, and a separate report identifies which employees failed the latest phishing simulation. While all this information is valuable, most leaders are unable to connect these separate data points to paint a clear, cohesive picture of an individual user’s overall risk.

Bridge the Gap: Federated Project Collaboration for AEC Teams With Egnyte

In architecture, engineering, and construction (AEC), collaboration across firms isn’t optional—it’s fundamental. Whether you’re working with architects, consultants, general contractors, or subcontractors, sharing data efficiently is critical to project success. Yet, most file-sharing methods between firms are outdated, risky, and operationally difficult.

Machine identity mayhem: The volume, variety, velocity challenge

Machine identities—like the API keys, certificates, and access tokens that secure machine-to-machine connections—are swarming businesses. Yet, many teams still reach for manual tools while their systems overclock. At the start of the year, I predicted the ratio of machine to human identities would likely soon tip past 100:1. As of mid-year, most organizations are clocking in at more than 80:1—and I’ve seen environments as high as 500:1.

Securing Our Water: Understanding the Water Cybersecurity Enhancement Act of 2025

Cyberattacks on public infrastructure are no longer hypothetical. From ransomware disabling city services to foreign actors probing utility networks, the risks are real and rising. Among the most vulnerable targets are our public water systems. Often underfunded, technologically fragmented, and encumbered by legacy systems, water utilities are easy pickings for determined attackers.