Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In life, you get a lot of different alerts. Your bank may send emails or texts about normal account activities, like privacy notices, product updates, or account statements. It also sends alerts when someone fraudulently makes a purchase with your credit card. You can ignore most of the normal messages, but you need to pay attention to the fraud alerts. Security is the same way.

Picture yourself as a cyber detective, ready to uncover the hidden threats lurking in the shadows of your organization's network. Sounds exciting, right? Well, hypothesis-driven hunting is all about channeling your inner Hercule Poirot to stay one step ahead of adversaries working against you. The PEAK threat hunting framework identifies three primary types of hunts: In this post, we’re going to look at hypothesis-driven hunting in detail.

Password spraying is a cyber threat that exploits weak passwords in order to easily compromise user accounts. That means it is critical to enforce strict access controls when authenticating users into a system. This article provides an overview of password spraying attacks, including how they work and a few real-world examples of these attacks. I’ll also look at how these attacks impact businesses, along with mechanisms to detect and prevent them.

Co-author: Matthias Maier, Product Marketing Director at Splunk. With increasing focus on implementing security standards within the digital supply chain, national and industry-specific certifications have become increasingly important. Today, we are excited to announce that Splunk Services Germany GmbH has become a TISAX participant. The alignment with TISAX requirements demonstrates Splunk’s continued commitment to support the heightened security expectations in the automotive industry.

In our last RBA blog post, we talked about some of the problems RBA can help solve. In this post, we explain the methodology we use with Splunk customers as their security teams start working with RBA. In working with our customers, the Splunk Superstar RBA Braintrust has developed a powerful methodology to kickstart your RBA implementation. From first moves to production, these four levels take you step-by-step through the process of successfully getting RBA up and running.

Security professionals have become all too familiar with the threat posed by phishing. Whether it’s a convincing looking email asking an employee to click a link to update their login credentials or a surprise text from the CEO asking them to send over gift card codes for a customer, phishing attacks have only continued to grow over the years. For 2023 alone, 33 million data records are expected to be compromised due to phishing attacks.

There are about 90 DNS resource record types (RR) of which many of them are obsolete today. Of the RR’s used, DNS TXT record offers the most flexibility in content by allowing user defined text. The TXT record initially designed to hold descriptive text (RFC 1035) is widely used for email verification, spam prevention and domain ownership verification.

The first three pillars of the National Cyber Security Strategy focused on activities that could be accomplished in the near term–perhaps within a few years. The last two pillars start looking at some challenges that we need to address now.