At first glance, there are some obvious ways the two companies could come together, but analysts and IT pros also identify potential snags as Cisco prepares to absorb Splunk for $28B.

https://www.techtarget.com/searchitoperations/news/366552861/IT-pros-react-to-blockbuster-28B-Cisco-Splunk-deal

#SIEM #observability #securityanalytics #AI #Splunk #splunksecurity #cisco #fullstackobservability #securityanalytics #securityautomation

IT pros react to blockbuster $28B Cisco-Splunk deal

Cisco goes through with its long-rumored acquisition of Splunk for security and observability, but the two aren't necessarily a perfect fit, according to some industry observers.

TechTarget

I made a Splunk app for External Attack Surface Management (EASM). It's not going to compete with the big boys, but it's powerful, extensible, free and open-source.

It wraps an API around Project Discovery's recon tools, with Splunk running discovery jobs and dashboarding results.

- https://splunkbase.splunk.com/app/7010 (SplunkBase)
- https://github.com/gf13579/splunk_easm_worker (GitHub - Worker)
- https://github.com/gf13579/splunk_app_for_easm (GitHub - App)

#splunk #SplunkSecurity #easm

My colleague @iknowuhack just published the 3rd post in our #ThreatHunting series, "Model-Assisted Threat Hunting (M-ATH) with the #PEAK Framework".

Find out how to leverage machine learning in your hunts!

https://www.splunk.com/en_us/blog/security/peak-framework-math-model-assisted-threat-hunting.html

#SplunkSecurity #SURGe #ML #MachineLearning

Model-Assisted Threat Hunting (M-ATH) with the PEAK Framework

Welcome to the third entry in our introduction to the PEAK Threat Hunting Framework! Taking our detective theme to the next level, imagine a tough case where you need to call in a specialized investigator. For these unique cases, we can use algorithmically-driven approaches called Model-Assisted Threat Hunting (M-ATH).

Splunk-Blogs

Are the CAs we rely on to validate web identities up to the task? Do any sign more than (or less than) their share of malicious certs?

I downloaded all 5B certs to find out.

New Blog: https://www.splunk.com/en_us/blog/security/trust-unearned-evaluating-ca-trustworthiness-across-5-billion-certificates.html

#cybersecurity #SplunkSecurity #SURGe

Trust Unearned? Evaluating CA Trustworthiness Across 5 Billion Certificates

In this blog post, we dive into our recent research project, in which the Splunk SURGe team analyzed more than five billion TLS certificates to find out if the CAs we rely on are really worthy of our trust.

Splunk-Blogs

Just published the next blog in our #SplunkSecurity #SURGe series on the #PEAK #ThreatHunting Framework: "Hypothesis-Driven Hunting with the PEAK Framework"

https://www.splunk.com/en_us/blog/security/peak-hypothesis-driven-threat-hunting.html

Look for future posts covering more hunt types and other framework topics coming soon!

Hypothesis-Driven Hunting with the PEAK Framework

Details on hypothesis-driven threat hunting with the PEAK framework.

Splunk-Blogs

DomainTools @gclef joins @DavidJBianco tomorrow at 11AM PT to chat about their collaboration on a research project evaluating the trustworthiness of certificate authorities using #SplunkSecurity. Be sure to tune in here: https://www.linkedin.com/events/7059605596509016064/comments/

Coffee Talk with SURGe: the Interview Series featuring DomainTools | LinkedIn

Join David Bianco and special guest Aaron Gee-Clough, Senior Data Engineer at DomainTools for an interview about their collaboration for a research project evaluating the trustworthiness of certificate authorities (CAs) by analyzing five billion TLS certificates using Splunk. Link to RSA talk about the research: https://lnkd.in/g7u4qUSB Link to RSA slides: https://lnkd.in/gXB8t-Ns Link to DomainTools 2021 report: https://lnkd.in/g7vXPPt6

I love this #RSAC23 talk by Lillian Teng and my #SplunkSecurity colleague @audrastreetman on inclusive hiring in #cybersecurity.

It's way too hard to get started in this field, and we're shooting ourselves in the foot. Learn how to hire better!

https://www.rsaconference.com/USA/agenda/session/Rethinking%20Recruiting%20Effective%20Hiring%20Practices%20to%20Close%20the%20Skills%20Gap

If you liked the #PEAK #ThreatHunting framework we published last week, be sure to stop by the Splunk booth at #RSAC2023 (N-5770) on Wednesday at 1:30. PEAK co-creator @iknowuhack will be giving a short talk about it!

https://www.splunk.com/en_us/blog/security/peak-threat-hunting-framework.html

@splunk #SplunkSecurity #SURGe

Introducing the PEAK Threat Hunting Framework | Splunk

Introducing the PEAK Threat Hunting Framework, bringing a fresh perspective to threat hunting and incorporating three distinct types of hunts.

Splunk

It's that time of year... @splunk has released its "State of Security" report! First point they share is that 88% of respondents say it's near-impossible to hire security folks. Maybe they need some training? HMMMMM.

https://www.splunk.com/en_us/form/state-of-security.html

#SplunkSecurity

The State of Security 2023 | Splunk

How leading organizations keep pace with today’s security challenges and build resilience.

Splunk