SecOps In Seconds: Creating Response Templates in Splunk Mission Control

Streamline your workflows by improving SOC process adherence when you codify your operating procedures into pre-defined templates. Use Splunk Mission Control to speed up investigations with pre-built response templates that include embedded searches, actions, and playbooks to empower security analysts. Model your response plans based on pre-built templates that can be used for security use cases such as “Encoded PowerShell Response”, “Insider Threat” or “Ransomware”. Or build your own templates based on your established processes that are scattered across systems to finally achieve repeatable security operations. This allows you to close the gap between your Splunk ES detections and rapid incident response.

Threat Update: AwfulShred Script Wiper

The Splunk Threat Research Team (STRT) continues to analyze and produce content related to the ongoing geopolitical conflict in eastern Europe, where new variants of destructive payloads are being released, targeting government and civilian infrastructure. The sole purpose of these destructive payloads is to decimate infrastructure; there is no ransom or alternative presented, and they need to be addressed as soon as they are detected.

US National Security Deep Dive Pillars 2 and 3: Dismantle Threats and Shape Market Forces

Last time we looked at The US National Security Strategy Pillar 1: Defend Critical Infrastructure. Today, we are looking at Pillar 2: Disrupt and Dismantle Threat Actors and Pillar 3: Shape Market Forces to Drive Security Resilience. Preventing the attacks in Pillar 1 would not be necessary if the attackers were taken off the board.

Coffee Talk with SURGe: 2023-APR-18 NSO Group, LockBit macOS Encryptors, AI in CTI, MSFT Taxonomy

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk discusses the latest security news. Mick and Ryan competed in a 60-second charity challenge about how generative artificial intelligence could be used in cyber threat intelligence, with proceeds benefiting the ACLU. The trio also discussed Microsoft's new threat actor naming taxonomy and the role of attribution in cyber threat intelligence.

Are you a good or great boxer? Real-world approaches of building cyber resilience in 2023

You must have been asleep not to have heard about Splunk’s new mission - ‘to build a safer and more resilient digital world’. Why have we chosen this? Well, not because it is a snappy little tagline, but because we know how important digital resilience is to all of our customers in our ever-changing times.

Threat Hunting vs Incident Response for Cyber Resilience

Protecting data and protecting business continuity are both similar and different. In a data-driven world, your mission as a security analyst is to prevent threat actors from gaining unauthorized access to sensitive data and systems. Simultaneously, you also need to investigate incidents rapidly, ensuring that critical services experience as little downtime as possible.

Introducing the PEAK Threat Hunting Framework

Cybersecurity is an ever-evolving game of cat and mouse. As security experts come up with new ways to protect valuable digital assets, cybercriminals develop craftier techniques to bypass these defenses. Enter threat hunting – the proactive practice of ferreting out those sneaky cyber-rodents.

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 1)

The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE D3FEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.

Splunk SOAR Playbooks - Dynamic Identifier Reputation Analysis (Part 2)

The Dynamic Identifier Reputation Analysis playbook is an essential tool for any security operations center (SOC) team looking for a comprehensive view of their environment’s threat landscape. By leveraging MITRE D3FEND's approach for dynamic identifier reputation analysis, SOC teams can quickly identify potential threats and vulnerabilities and take proactive steps towards mitigating risk before it causes damage.