Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



My Username Fields Have Passwords in Them! What Do I Do?

As security practitioners, we like to read blogs, whitepapers, and even Mastodon “toots” that talk about new or novel threats and vulnerabilities. Recently, our fearless and never sleeping Security Strategist Leader James Brodsky called attention to a blog post from a researcher that highlighted the risks of password disclosure in authentication logs.


The SQL Injection Guide: Attacks, Types, Signs & Defense Against SQLi

Most dynamic web applications and sites — ones that store and process user information — use some sort of database implementation. One of the most common implementations involves SQL. Structured Query Language is a standard language for relational database management systems (RDBMS). It lets you query database records, change and modify them, set permissions, create custom views and storage procedures.


Zero Day Defined: Zero-Day Vulnerabilities, Exploits & Attacks

Zero-Day” is an intriguing concept in the domain of cybersecurity. Imagine diligently following security best practices such as patching exploits and updating the systems regularly. Plus, you’re following strict risk management and governance frameworks within the organization to vet new software applications for security risk before adding them to your library. But what happens when the security flaws are novel — and a patch does not exist?


Machine Learning in Security: Detecting Suspicious Processes Using Recurrent Neural Networks

Malicious software like ransomware often use tactics, techniques, and procedures such as copying malicious files to the local machine to propagate themselves across the network. A few years ago, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Department of Health and Human Services issued a joint cybersecurity advisory to ward off potential harm from threat actors for at-risk entities.


Breaking the Chain: Defending Against Certificate Services Abuse

In recent years, there have been several high-profile cyber attacks that have involved the abuse of digital certificates. Digital certificates are electronic credentials that verify the identity of an entity, such as a person, organization, or device, and establish trust between parties in online transactions. They are commonly used to encrypt and sign data, authenticate users and devices, and secure network communications.

Coffee Talk with SURGe: Oakland Ransomware Attack, BreachForums, Acropalypse Vulnerability, GPT-4

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan shared their takes on responding to 0day vulnerabilities and the trio also discussed GPT-4 and the future of generative AI.

What's Digital Rights Management (DRM)? Protecting Intellectual Property Today

Digital rights management (DRM) is a set of technologies, tools and techniques to protect your copyrighted digital content from unauthorized copying, sharing or usage. Content creators, organizations and distributors typically implement DRM to control access to their intellectual or sensitive property and ensure that it is only used by the terms and conditions they have established. It also helps companies secure their files and enables safe sharing, so they don’t land in the wrong hands.

SOCtails - Unify Security Operations with Splunk Mission Control

Security teams constantly pivot between multiple tools and management consoles in order to detect, investigate, and respond to security incidents. It's time-consuming and complex. And it's Kevin's personal nightmare. Jeff shows Kevin how to unify his security operations across detection, investigation and response using Splunk Mission Control.

Unify Your Security Operations with Splunk Mission Control

Splunk Mission Control brings order to the chaos of your security operations by enabling your SOC to detect, investigate and respond to threats from one modern and unified work surface. Watch this 5 minute demo video to learn how Mission Control unifies your security operations experience across Splunk’s industry-leading security technologies and partner ecosystem in one work surface. The demo use case focuses on how an analyst detects, investigates and responds to an encoded PowerShell attack.

The SOC Manager/Director Role: Skills, Duties, Salary & More

Cybercriminals target organizations to steal sensitive data, disrupt operations, or cause damage to organizations. But a well-designed security operations center (SOC) helps prevent these attacks from ever occurring. SOC managers detect and respond to cyber security threats to ensure your organization operates securely. They manage the team, develop policies and procedures, and keep the CISO informed about security operations. Let’s take a look at the SOC manager role.