Tour of Graylog
Jeff Darrington is back with a tour of the latest Graylog version.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Public Sector Demand for Devo Solutions Leads to New Partnerships & Contracts
Following our February announcement that Devo has been designated as FedRAMP “In-Process,” I’m excited to report that our public sector momentum continues in other key areas. Here are some recent highlights: All of this momentum and growth is an affirmation of the excellence of the Devo Platform and the exceptional quality of our success services to support them. And it also demonstrates Devo’s long-term commitment to serving our customers and partners in the public sector.
Reduce spending on Splunk and other high-cost security data solutions through LimaCharlie
Join the team at LimaCharlie as they demonstrate how organizations can drastically reduce their security tooling spend, all while avoiding vendor lock-in, by using LimaCharlie.
Threat Update: AcidRain Wiper
The Splunk Threat Research Team has addressed a new malicious payload named AcidRain. This payload, deployed in the ongoing conflict zone of Eastern Europe, is designed to wipe modem or router devices (CPEs).
Graylog and 3CX Call Detail Records
In this video senior technical marketing manager, Jeff Darrington, takes you through logging call detail records.
Springing 4 Shells: The Tale of Two Spring CVEs
The Splunk Threat Research Team (STRT) has been heads-down attempting to understand, simulate, and detect the Spring4Shell attack vector. This post shares detection opportunities STRT found in different stages of successful Spring4Shell exploitation. At the time of writing, there are two publicly known CVEs: CVE-2022-22963, and CVE-2022-22965. The Splunk Security Content below is designed to cover exploitation attempts across both CVEs.
Sumo Logic vs Splunk: Which Is Better For Big Data Log Analysis?
Log analysis and security incident and event management (SIEM) tools have become staples of enterprise cyber resilience programs. For vigilant organizations, having infrastructure visibility into the transactions occurring behind the scenes is instrumental to maintaining a strong security posture. Splunk and SumoLogic are two leading platforms that serve this critical purpose—let’s revisit them again to see how their current offerings stack up.
Splunk Global Research: The State of Security 2022
Splunk's State of Security report for 2022 found that security organizations face more — and more serious — challenges than ever before. Exacerbated by the pressures of the pandemic, the rise of dangerous avenues of attack and a crisis of staff burnout, security teams are dealing with a lot: 78% of security and IT leaders say that remote workers are harder to secure 65% of organizations have reported an uptick in attacks during the pandemic 73% within the industry have reported colleagues quitting due to burnout.
Detecting Active Directory Kerberos Attacks: Threat Research Release, March 2022
The Splunk Threat Research Team recently developed a new analytic story, Active Directory Kerberos Attacks, to help security operations center (SOC) analysts detect adversaries abusing the Kerberos protocol to attack Windows Active Directory (AD) environments. In this blog post, we’ll describe some of the detection opportunities available to cyber defenders and highlight analytics from the analytic story.