Using eval to Calculate, Appraise, Classify, Estimate & Threat Hunt

I hope you're all enjoying this series on Hunting with Splunk as much as we enjoy bringing it to you. This article discusses a foundational capability within Splunk — the eval command. If I had to pick a couple of Splunk commands that I would want to be stuck on a desert island with, the eval command is up there right next to stats and sort. (Part of our Threat Hunting with Splunk series, this article was originally written by John Stoner. We’ve updated it recently to maximize your value.)

Cyber Week: Analyzing Internet traffic and e-commerce trends

Throughout the year, special events lead to changes in Internet traffic. We observed this with Thanksgiving in the US last week, where traffic dipped, and during periods like Black Friday (November 24, 2023) and Cyber Monday (November 27, 2023), where traffic spiked. But how significant are these Cyber Week days on the Internet? Is it a global phenomenon? Does e-commerce interest peak on Black Friday or Cyber Monday, and are attacks increasing during this time?

ATO Process: What is an Authority to Operate in Cybersecurity?

When a business works with the general public, there’s a certain level of risk inherent in the process. We see it time and time again, with companies subject to data breaches and the loss of public information, like what happened to Target in 2013, Equifax in 2017, 23andMe in 2023, and many, many more. While there are security standards in place for private corporations, enforcement is slim, and violations tend to be retroactively applied.

For want of a cyber nail the kingdom fell

An old proverb, dating to at least the 1360s, states: "For want of a nail, the shoe was lost, for want of a shoe, the horse was lost, for want of a horse, the rider was lost, for want of a rider, the battle was lost, for want of a battle, the kingdom was lost, and all for the want of a horseshoe nail." When published in Ben Franklin’s Poor Richard’s Almanack in 1768, it was preceded by the cautionary words: “a little neglect may breed great mischief”.

Zero Trust and (Why It Isn't Always About) Identity

What is the relationship between zero trust and user identity? There’s no doubt that identity is a fundamental component of an effective zero trust approach, but there is also a danger that organisations become so overly focused on this one element, they forget there are others. To believe that achieving zero trust is all about user identity is, I believe, a fundamental misunderstanding of the concept.

Bringing Immutable Audit Trails to Dropbox

In the age of Gen AI, it is now apparent that we can no longer trust what we see and read. The fakers have the upper hand: while typical security approaches rely on scaling up teams, attacks scale at the press of a button. To safely move forward and realize the benefits Gen AI enables, we need a better trust model that adds integrity, transparency and trust to all data and a common provenance format that captures origin, authenticity and lineage information. We must verify data before we use it.

What is Lookout Secure Private Access? A ZTNA Solution

Lookout Secure Private Access is a data-centric zero trust network access (ZTNA) solution that provides seamless connections to private apps – whether they reside on-premises or in the cloud – all while strengthening your data security posture. Watch this video to learn why you need ZTNA, how Lookout Secure Private Access works, and how it can protect your data no matter where it goes.