Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

splunk

Exploring AI for Vulnerability Investigation and Prioritisation

Mar 26, 2025 By James Hodgkinson In Splunk
The sheer volume of cybersecurity vulnerabilities is overwhelming. In 2024, there were 39,998 CVEs — an average of 109.28 per day! This constant stream of new threats makes it increasingly difficult for security teams to keep up. Large Language Models (LLMs) offer a possible solution, helping automate vulnerability investigation and prioritisation, allowing teams to more efficiently assess and respond to emerging risks. Do you even have time to skim over 109 CVEs a day?
Read Post

Intro to Cisco Secure Application in Splunk AppDynamics

Mar 13, 2025 By Splunk In Splunk
Welcome to this in-depth introduction to Cisco Secure Application in Splunk AppDynamics. In this video, I’ll walk you through how Cisco Secure Application seamlessly integrates with your existing Splunk AppDynamics APM agents to provide real-time security monitoring. We’ll first review the high-level architecture of Cisco Secure Application, and then I’ll show you how to use the Cisco Secure Application dashboard to monitor the security status of applications, business transactions, libraries, vulnerabilities, attacks, and observations.
View Video

Harness Data to Prevent Fraud with Splunk and AWSSPLUNK_AWS_FRAUD_11202024 (1)

Mar 6, 2025 By Splunk In Splunk
In this webinar, you will learn about the influence of data-driven technology on fraud detection and prevention. You will discover how businesses can use AI, machine learning, and big data analytics to proactively identify hazards and monitor transactions in real time. The workshop will provide useful insights into cutting-edge solutions that improve customer security and protect sensitive information, as well as practical tactics and case studies for successfully combating fraud.
View Video
splunk

Why Security Teams Choose Splunk Enterprise Security: Three Core Benefits That Transform SecOps

Feb 28, 2025 By Olivia Henderson In Splunk
A SOC of the future is a resilient SOC that fosters a collaborative and proactive cybersecurity approach with a modern technology foundation. At the core of the SOC of the future is a unified threat detection, investigation, and response (TDIR) platform, representing the real-world requirements for how tools contribute to the SOC’s mission and strategy, providing integration and efficient process execution. The foundation for the unified TDIR platform is a modern SIEM.
Read Post
splunk

Infostealer Campaign against ISPs

Feb 28, 2025 By Splunk Threat Research Team In Splunk
The Splunk Threat Research Team has identified a campaign targeting ISP infrastructure providers on the West Coast of the United States and the country of China. This mass exploitation campaign originates from Eastern Europe and uses simple tools that abuse victim’s computer processing power to install cryptomining payloads and binaries with diverse functions such as.
Read Post
splunk

What Is a Watering Hole Attack? Detection and Prevention

Feb 25, 2025 By Muhammad Raza In Splunk
We already know that cybercriminals exploit the weakest link in your IT networks. The best defense against these exploits comes down to safeguarding the most vulnerable entry points. But what if the weakest link in your cybersecurity defense lies beyond your IT network itself?
Read Post

Access your data with Federated Analytics for Amazon Security Lake with Splunk, AWS, and Accenture

Feb 18, 2025 By Splunk In Splunk
Federated Analytics gives organizations the full power of Splunk extended to data stored in Amazon Security Lake. Trusted partners like Accenture are helping bring these new capabilities to life at organizations around the world.
View Video
splunk

Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time

Feb 18, 2025 By Michael Haag In Splunk
Windows permission misconfigurations remain a common attack vector in enterprise environments. Attackers consistently leverage these misconfigurations for privilege escalation, with Security Descriptor Definition Language (SDDL) emerging as a blind spot. From LockBit's manipulation of event log permissions to RomCom's exploitation of Task Scheduler vulnerabilities (CVE-2024-49039), SDDL misconfigurations have become a prime target for sophisticated attacks.
Read Post
splunk

Autonomous Adversaries: Are Blue Teams Ready for Cyberattacks To Go Agentic?

Feb 7, 2025 By Ryan Fetterman In Splunk
2024 was a year of incredible progression for Artificial Intelligence. As large language models (LLMs) have evolved, they have become invaluable tools for enriching the capabilities of defenders – instantly providing the knowledge, procedures, opinions, visualizations, or code any given situation demands. However, these same models provide outputs that enable even low-sophistication attackers to uplift their own skill-levels.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.