%term

Data Eats the World: You'll Consume It Intelligently with the Autonomous SOC

Jun 14, 2022 By Devo In Devo

“Software is eating the world.” That phrase entered the high-tech lexicon in 2011, courtesy of Marc Andreessen, co-founder of both Netscape and venture capital firm Andreessen Horowitz. His thesis is proven time and again. If you substitute data for software, it amplifies the power of Andreessen’s observation. Consider the following statistics on how much data is created every day: Technology users alone generate more than 1.145 trillion MB of data every day!

Read Post

Devo

Read more about Data Eats the World: You'll Consume It Intelligently with the Autonomous SOC

Flow Use Case: Automate Continuous Firewall Traffic Monitoring

Jun 13, 2022 By Devo In Devo

This Flow allows you to monitor all the traffic from your firewall by correlating it against a table that contains malicious IP addresses. If there is a match, Flow will generate an enriched event that will be logged in a designated my.app table. From this new table, you can take further action by creating detection rules to identify threats that put your organization at risk. Table of Contents.

View Video

Devo

Read more about Flow Use Case: Automate Continuous Firewall Traffic Monitoring

Reducing Splunk spend with LimaCharlie

Jun 9, 2022 By Ross Haleliuk In LimaCharlie

Endpoints as well as applications such as AWS, Google Cloud, Office 365, 1Password, Slack, and thousands of others produce vast amounts of data. The volume of security data is growing, and this growth will continue for the foreseeable future. This, in turn, leads to several challenges: To solve these problems, many companies have adopted Splunk as their SIEM (security information and event management) platform.

Read Post

LimaCharlie

Read more about Reducing Splunk spend with LimaCharlie

Coffee Talk with SURGe: RSA, Karakurt, Apple Passwords, Confluence Zero-Day, Follina/MSDT Update

Jun 9, 2022 By Splunk In Splunk

Join the SURGe Team with a guest from the land down under, a recap of important news in the security landscape, a discussion on RSA, and a special interview with Danielle Jablanski of Nozomi Networks!

View Video

Splunk

Read more about Coffee Talk with SURGe: RSA, Karakurt, Apple Passwords, Confluence Zero-Day, Follina/MSDT Update

Graylog Security - The Affordable SIEM Alternative

Jun 7, 2022 By Jeff Darrington In Graylog

Cyber resiliency is the new norm in cybersecurity. Nothing can be 100% secure, and you’re looking for a cost-effective solution to enhance your security posture. At the same time, the rapidly expanding cybersecurity technology market makes it hard to find something that best fits your needs. Most people looking at Security Information and Event Management (SIEM) platforms want a tool that gives them high fidelity alerts to prevent their security analysts from drowning in false positives.

Read Post

Graylog

Read more about Graylog Security - The Affordable SIEM Alternative

CrowdStrike Introduces Humio for Falcon, Redefining Threat Hunting with Unparalleled Scale and Speed

Jun 6, 2022 By CrowdStrike In CrowdStrike

Humio for Falcon provides long-term, cost-effective data retention with powerful index-free search and analysis of enriched security telemetry across enterprise environments.

Read Post

CrowdStrike

Read more about CrowdStrike Introduces Humio for Falcon, Redefining Threat Hunting with Unparalleled Scale and Speed

Making a Business Case for the Right SIEM

Jun 6, 2022 By Devo In Devo

Let’s admit it — switching to a new SIEM can be tough. And expensive. But even when it isn’t tough or expensive, it’s always scary.

Read Post

Devo

Read more about Making a Business Case for the Right SIEM

Truth in Malvertising?

Jun 3, 2022 By Shannon Davis In Splunk

Splunk SURGe recently released a whitepaper, blog, and video that outline the encryption speeds of 10 different ransomware families. Early in our research, during the literature review phase, we came across another group that conducted a similar study on ransomware encryption speeds. Who was this group you ask? Well, it was actually one of the ransomware crews themselves.

Read Post

Splunk

Read more about Truth in Malvertising?

Atlassian Confluence Vulnerability CVE-2022-26134

Jun 3, 2022 By Ryan Kovar In Splunk

If you want just to see how to find evidence of the Atlassian vulnerability in your Confluence systems, skip down to the “detections” sections. Otherwise, read on for a quick breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.

Read Post