The digital world is a lot like the Old West: lawless criminals are looking to take advantage of any bug, flaw or vulnerability to exploit. To combat the problems from these flaws, many organizations offer bounties to anyone who can find them before cybercriminals. Because bugs can be challenging to spot, bug bounty programs leverage ethical hackers' expertise to spot corporate software's flaws. Some of the largest corporations in the world, including Google, Microsoft, and the U.S.

Typosquatting goes by many names: URL hijacking, domain mimicry and domain typo-squatting, to name a few. However, they all mean the same thing: malicious attackers register domain names similar to popular websites but with common typos and variations. Typosquatting aims to trick users who mistype the legitimate URL into visiting and using the fraudulent site. It is a widespread practice.

Authentication and authorization are two processes that play a significant role in any web application. These concepts ensure that only trusted individuals are granted access to the resources of the application. Plus, with all the web applications and services we use regularly, it is increasingly difficult to manage credentials for multiple user accounts. SAML technology provides a means for securely logging into multiple applications using a single set of credentials.

Picture yourself as a cyber detective, ready to uncover the hidden threats lurking in the shadows of your organization's network. Sounds exciting, right? Well, hypothesis-driven hunting is all about channeling your inner Hercule Poirot to stay one step ahead of adversaries working against you. The PEAK threat hunting framework identifies three primary types of hunts: In this post, we’re going to look at hypothesis-driven hunting in detail.

Password spraying is a cyber threat that exploits weak passwords in order to easily compromise user accounts. That means it is critical to enforce strict access controls when authenticating users into a system. This article provides an overview of password spraying attacks, including how they work and a few real-world examples of these attacks. I’ll also look at how these attacks impact businesses, along with mechanisms to detect and prevent them.

Co-author: Matthias Maier, Product Marketing Director at Splunk. With increasing focus on implementing security standards within the digital supply chain, national and industry-specific certifications have become increasingly important. Today, we are excited to announce that Splunk Services Germany GmbH has become a TISAX participant. The alignment with TISAX requirements demonstrates Splunk’s continued commitment to support the heightened security expectations in the automotive industry.

In our last RBA blog post, we talked about some of the problems RBA can help solve. In this post, we explain the methodology we use with Splunk customers as their security teams start working with RBA. In working with our customers, the Splunk Superstar RBA Braintrust has developed a powerful methodology to kickstart your RBA implementation. From first moves to production, these four levels take you step-by-step through the process of successfully getting RBA up and running.

Security professionals have become all too familiar with the threat posed by phishing. Whether it’s a convincing looking email asking an employee to click a link to update their login credentials or a surprise text from the CEO asking them to send over gift card codes for a customer, phishing attacks have only continued to grow over the years. For 2023 alone, 33 million data records are expected to be compromised due to phishing attacks.