Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Splunk

splunk

Splunk Wins Third Ever NAVWAR Enterprise Artificial Intelligence Prize Challenge for Exceptional SOAR Capabilities

Nov 18, 2021 By Dave Donnelly In Splunk

Naval Information Warfare Systems Command (NAVWAR) enterprise recently announced that Splunk is the winner of its third prize challenge in the Artificial Intelligence Applications to Autonomous Cybersecurity (AI ATAC) Challenge series.

Read Post

Splunk SOAR Feature Overview: Visual Playbook Editor + Input Playbooks

Nov 17, 2021 By Splunk In Splunk
Splunk SOAR’s new, modern visual playbook editor makes it easier than ever to create, edit, implement and scale automated playbooks to help your team eliminate security analyst grunt work, and respond to security incidents at machine speed. Now, anyone can automate, allowing your team to achieve faster time to value from your SOAR tool. In this demo, we'll show you how to build an "input playbook". Input playbooks are used to automate simple IT and security tasks, and can then be leveraged as part of larger, more complex playbooks for a more modular approach to automation. For a more in-depth look at the new visual playbook editor and input playbooks, watch this video.
View Video
splunk

Detecting Remcos Tool Used by FIN7 with Splunk

Nov 16, 2021 By Splunk Threat Research Team In Splunk

We decided to try to run a well-known Remote Access Trojan (RAT) called Remcos used by FIN7. This tool has been around for some time and has a reputation for being stealthy and effective in controlling compromised hosts. Sold as a remote computer monitoring tool, this tool has plenty of features that can allow an operator behind the control to do multiple operations against a compromised system.

Read Post
splunk

FIN7 Tools Resurface in the Field - Splinter or Copycat?

Nov 11, 2021 By Splunk Threat Research Team In Splunk

FIN7 is a well-organized criminal group composed of highly-skilled individuals that target financial institutions, hospitality, restaurant, and gambling industries. Until recently, it was known that high-level individuals of this criminal enterprise were arrested — specifically 3 of them — and extradited to the United States. This criminal group performed highly technical malicious campaigns which included effective compromise, exfiltration and fraud using stolen payment cards.

Read Post

Splunk SOAR Playbooks: Conducting an Azure New User Census

Nov 9, 2021 By Splunk In Splunk
Tune in to the Tech Talk to learn how to get started with an account monitoring use case, how our newest community playbook initiates a scheduled review of new accounts created in Azure Active Directory each week, and how your security team should have a good understanding of the frequency and common attributes of newly created accounts.
View Video

Splunk SOAR Playbook - Malware Triage with Crowdstrike and Splunk Phantom

Nov 9, 2021 By Splunk In Splunk
Tune into the Tech Talk to learn about the combination of Crowdstrike and Splunk Phantom that allows for a smooth operational flow from detecting endpoint security alerts to operationalizing threat intelligence and automatically taking the first few response steps – all in a matter of seconds.
View Video
Subscribe to Splunk

Copyright © 2024 OpsMatters™. All rights reserved.