Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

Baseline Hunting with the PEAK Framework

Jul 11, 2023 By David Bianco In Splunk
Baselines are an essential part of effective cybersecurity. They provide a snapshot of normal activity within your network, which enables you to easily identify abnormal or suspicious behavior. Baseline hunting is a proactive approach to threat detection that involves setting up a baseline of normal activity, monitoring that baseline for deviations, and investigating any suspicious activity.
Read Post
splunk

Threat Actors in 2023: Who They Are & How To Defend Against Bad Actors

Jul 10, 2023 By Muhammad Raza In Splunk
Risks are everywhere. Online, in real life. Digital transformation and the rapid integration of cloud-based technologies has been met with an unprecedented increase in cybersecurity risks. In most cases, standard cybersecurity best practices and a strong mechanism for Identity and Access Management will take care of most exploits, vulnerabilities and human errors that lead to a data leak.
Read Post
graylog

Centralized Log Management for ANSSI and CIIP Framework Compliance

Jul 10, 2023 By Jeff Darrington In Graylog
Decree No. 2009-834 established ANSSI (Agence nationale de la sécurité des systèmes d’information) as the National Cybersecurity Agency of France in 2009. In 2013, Article 22 of the Military Programming Law defined ANSSI’s functions and responsibilities, giving the agency regulatory and enforcement powers. Further, ANSSI is France’s primary point of contact with the larger European Union (EU) Network and Information Systems (NIS) Directive, with Decree No.
Read Post

Chaos AI Assistant (AWS Security Lake Analysis)

Jul 10, 2023 By ChaosSearch In ChaosSearch
Now you can actually have a conversation with your data! The Chaos AI Assistant is a breakthrough feature that elevates log and event data analytics. Seamlessly integrating with the ChaosSearch Platform, it utilizes AI and Large Language Models (LLMs), enabling you to talk to your data to unveil actionable insights.
View Video

Chaos AI Assistant (Security Analysis via Chain of Thought)

Jul 10, 2023 By ChaosSearch In ChaosSearch
Now you can actually have a conversation with your data! The Chaos AI Assistant is a breakthrough feature that elevates log and event data analytics. Seamlessly integrating with the ChaosSearch Platform, it utilizes AI and Large Language Models (LLMs), enabling you to talk to your data to unveil actionable insights.
View Video
splunk

Machine Learning in Security: Detect DNS Data Exfiltration Using Deep Learning

Jul 7, 2023 By Namratha Sreekanta In Splunk
Since the Domain Name System (DNS) protocol is foundational for internet functionality, DNS traffic is allowed to move through firewalls without much scrutiny unlike HTTPS, FTP and SMTP. Malicious actors have successfully been able to exploit this advantage to transfer data between networks, which is beyond the original intention of DNS protocol.
Read Post
splunk

Peeping Through Windows (Logs): Using Sysmon & Event Codes for Threat Hunting

Jul 7, 2023 By Tom Smit In Splunk
If you have been reading our hunting series, you may have noticed that many threat hunting techniques center on network-centric data sources. Thus far, we have yet to speak about the big kahuna in our hunting tool chest. We are rectifying that right here, right now: we are going to talk about Microsoft Sysmon! In this article, we’re looking at using Sysmon to hunt for threats in endpoints.We’ll highlight some of the most valuable places to start hunting in your Windows logs.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.