While working with customers over the years, I've noticed a pattern with questions they have around operationalizing machine learning: “How can I use Machine Learning (ML) for threat detection with my data?”, “What are the best practices around model re-training and updates?”, and “Am I going to need to hire a data scientist to support this workflow in my security operations center (SOC)?” Well, we are excited to announce that the SplunkWorks team launched a new add-

Have you ever had to saw through a board by hand? I had to finish a partial cut by hand the other day while building a new mantle for my fireplace. It’s slow and difficult, and it often results in a lesser quality cut than one done with a power tool. It’s good exercise, though! We should all have to do it at least once so we appreciate our power tools more.

The main focus for cybersecurity teams — moving beyond compliance — is to deliver the level of security required to manage the likelihood of a breach and the potential impact to the business. This is more effective than simply focusing on the cost of delivering security services.

The recent disclosure of CVE-2020-1472 vulnerability by Microsoft showcases the need for tools that allow defenders to quickly replicate published exploit code, register attack data, and create signatures or other mitigations against released exploits with a high likelihood of exploitation against popular infrastructure or operating systems.

At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.

Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks,” that allow you to codify your security standard operating procedures into reusable templates.

Surprisingly, many organizations have yet to move beyond the traditional compliance-driven approach to cybersecurity. However, to address today’s risk of a cyber breach — which can lead to an organization’s data being compromised or a disruption to business operations — cybersecurity organizations need to focus on delivering the level of security required to protect corporate assets and align with the strategic goals and objectives of the business.

Okay... and we’re back! Yes, there’s been a bit of a hiatus since you’ve heard from us in Core Security, but that’s not because we haven’t been busy. In fact, we’ve released a number of enhancements for both the security and user administration experiences of Splunk Enterprise. Going forward, we’ll be a bit more visible bringing you details on these enhancements.

Security teams can’t defend what they can’t see. As organizations move more workloads to the cloud, security teams need added visibility into these new workloads or risk having blind spots that lead to compromise. In the first installment of our "Getting Data In" webinar series, "Modernizing your SOC for the Cloud Age Starts with Security Foundations," we demonstrate how to quickly and easily onboard data into Splunk Cloud.

The lines Between IT and OT are blurring. With IT and Operational Technology (OT) systems converging, ensuring the security of devices, applications, physical locations and networks has never been more difficult or more important. There is a growing recognition by security professionals that they have a readiness and visibility problem in plain sight.