I hope you're all enjoying this series on Hunting with Splunk as much as we enjoy bringing it to you. This article discusses a foundational capability within Splunk — the eval command. If I had to pick a couple of Splunk commands that I would want to be stuck on a desert island with, the eval command is up there right next to stats and sort. (Part of our Threat Hunting with Splunk series, this article was originally written by John Stoner. We’ve updated it recently to maximize your value.)

Throughout the year, special events lead to changes in Internet traffic. We observed this with Thanksgiving in the US last week, where traffic dipped, and during periods like Black Friday (November 24, 2023) and Cyber Monday (November 27, 2023), where traffic spiked. But how significant are these Cyber Week days on the Internet? Is it a global phenomenon? Does e-commerce interest peak on Black Friday or Cyber Monday, and are attacks increasing during this time?

When a business works with the general public, there’s a certain level of risk inherent in the process. We see it time and time again, with companies subject to data breaches and the loss of public information, like what happened to Target in 2013, Equifax in 2017, 23andMe in 2023, and many, many more. While there are security standards in place for private corporations, enforcement is slim, and violations tend to be retroactively applied.

Today, Fireblocks is launching Off Exchange – a new solution that enables trading firms and asset managers to trade on centralized exchanges from an on-chain MPC shared wallet, eliminating exchange counterparty risks.

An old proverb, dating to at least the 1360’s, states: "For want of a nail, the shoe was lost, for want of a shoe, the horse was lost, for want of a horse, the rider was lost, for want of a rider, the battle was lost, for want of a battle, the kingdom was lost, and all for the want of a horseshoe nail," When published in Ben Franklin’s Poor Richard’s Almanack in 1768, it was preceded by the cautionary words: “a little neglect may breed great mischief”.

What is the relationship between zero trust and user identity? There’s no doubt that identity is a fundamental component of an effective zero trust approach, but there is also a danger that organisations become so overly focused on this one element, they forget there are others. To believe that achieving zero trust is all about user identity is, I believe, a fundamental misunderstanding of the concept.

In the age of Gen AI, it is now apparent that we can no longer trust what we see and read. The fakers have the upper hand: while typical security approaches rely on scaling up teams, attacks scale at the press of a button. To safely move forward and realize the benefits Gen AI enables, we need a better trust model that adds integrity, transparency and trust to all data and a common provenance format that captures origin, authenticity and lineage information. We must verify data before we use it.