Authorization is a very common term in computer security. But most people confuse it with authentication. Let me explain it with an example. Now, let's dig deeper into the topic and see why authorization has become a major security concept.

In a world where attackers are continually devising more sophisticated ways to breach enterprises, the value of automation has become critically important. To make matters worse, today's SOC is grappling with swivel chair movement across various security products, which sometimes includes a standalone automation product.

Imagine you're responsible for the security of a bustling network, constantly under threat from bad actors looking to exploit any vulnerability. How do you keep up? Enter Snort, a powerful open-source tool that acts as your network’s watchdog, scanning for potential threats and alerting you when something seems off. In this guide, we'll break down how Snort works, focusing on the critical rules that make this tool effective at protecting your network.

Since the rise of the Internet, organizations and individuals have increasingly sought ways to keep their information secure and private. IT has witnessed a changing cyber threat landscape, and businesses have relied more and more on the Internet and data to function. However, the attack landscape widened in the 2010s. With widespread computer worms like Stuxnet in 2010, cybercriminals have gained critical access to organizations through operational technology.

The 2024 recognition momentum for Splunk continues! Splunk is ranked #1 for the fourth year in a row in the IDC Worldwide Security Information and Event Management Market Shares, 2023: The Leaders in SIEM City (doc # US52525024, September 2024) report. Splunk has also been named a Leader in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment (doc #US49029922, September 2024).

On July 19, 2024, CrowdStrike released configuration updates for its Windows sensor, aiming to enhance security and performance. Unfortunately, this update inadvertently led to widespread downtime, manifesting as Blue Screen of Death (BSOD) on millions of machines worldwide. The BSOD, a critical system error screen, halts all operations, rendering affected systems inoperable until resolved.

Splunk is proud to announce that Splunk SOAR has received Federal Risk and Authorization Management Program (FedRAMP) Agency Authorization at the Moderate impact level. Splunk SOAR is ready to help public sector teams work smarter by automating repetitive tasks, responding to security incidents in seconds, and increasing analyst productivity and accuracy to better protect their organizations and the missions they serve.

Over the last year, we have continued to witness web shells breaching organizations worldwide, affecting both edge devices and on-premise web applications. Web shells consistently evade standard controls, posing a persistent threat. Today, the Splunk Threat Research Team is excited to announce the final tool in the ShellSweep collection: ShellSweepX.

Howdy folks, it’s your friendly neighborhood transformational detection engineering evangelist Haylee Mills here. Maybe you’ve already been introduced to risk-based alerting, or maybe you’ve seen one of my many talks on the subject: Even if you haven’t, I’m super excited to share a brand new version of my step-by-step guide to success with the risk-based alerting framework!

As the Splunk Industry Advisor to the Australian public sector, I work closely with government organisations and their leaders to understand their goals, objectives and the challenges they face in achieving digital resilience. This blog shares perspectives on how Splunk works with the Australian government to provide a unique approach to solve some of the public sector's toughest challenges.