https://www.europesays.com/2399096/ Cisco launches Data Fabric to harness machine data for AI era #AIModels #AmazonS3 #ArtificialIntelligenceAI #cisco #CLOUDData #Data #DataAnalytics #DataFabric #DataManagement #DataSecurity #DevOps #DigitalTransformation #forecasting #ITOps #MachineLearning(ML) #MicrosoftAzure #OpenStandards #Orchestration #SecOps #Snowflake #Spark #Splunk
#splunk
0 posts0 participants0 posts today
Splunk rant
Since DNS is on 
today I should note if you're a Splunk shop, the DNS data model in Enterprise Security does not include the field for TXT record values, you need to add that manually.
Then you can do high-fidelity detections such as length and base64 with conversions looking for code.
Introducing...the #OpenTelemetry Injector! The Injector, recently donated by #Splunk, helps you automatically instrument your applications no matter the programming languages used. Learn more in our latest blog post!
OpenTelemetry · Adding Automatic Instrumentation to Your App, Made Easy with the OpenTelemetry InjectorAs OpenTelemetry adoption grows across infrastructure and application layers, easing the operational burden of instrumentation remains a shared priority. Today, we’re excited to highlight a recent donation from Splunk to the OpenTelemetry community: a host-based mechanism to automatically inject OpenTelemetry Automatic Instrumentation into your app on any Linux host.
This component has reached production stability and is now being donated to the community as the OpenTelemetry Injector. It helps streamline OpenTelemetry deployment across languages and systems.
Scott Bock presents 'Service Observability: An Introduction to Open Telemetry with Grafana and Spring Boot' July 25th at Nebraska.Code().
Splunk patched the CSRF bug (and a gazillion others I didn't find)! I guess I get to stop adding it to reports ...
Splunk Vulnerability DisclosureSplunk Security Advisories Archive
One of the best Splunk RBA articles I've seen. It's dense and addresses a handful of ES quirks and managing DHCP IPs in a KV.
https://www.gabrielvasseur.com/post/rba-aggregate-user-system-risks
Gabriel Vasseur · RBA: Aggregate user & system risks!Since RBA is all about aggregating security events that are related to the same entity, Assets & Identities normalisation is crucial to its success. Beyond basic normalisation for user and system risk objects, you also want to aggregate risks associated with a user with the risks associated with the assets they own (e.g. their laptop). We present a way to do that in Splunk. The Idea The whole implementation is a lot to take in, with many subtle details, so let's just first explain the what and t
Free online 4-hour Splunk RBA workshop next week.
https://docs.google.com/forms/d/e/1FAIpQLSc2a8khNLnJnnEuma3qjpzsb1tTroZNOu1UVqfnkEoEEGTzXg/viewform
Google DocsSplunk Risk Based Alerting Hands-On Workshop (Virtual)Join us on January 16th, 1:00PM - 5:00PM EST for a virtual RBA Hands-On Workshop.
Summary: This workshop is led by SEs, Security SMEs, CSMs, and Specialists with advanced cybersecurity knowledge and is designed to give participants hands-on experience with RBA. The lessons learned in this workshop will provide participants with the ability to begin deploying RBA with Enterprise Security. Initial goals include optimizing functions in the SOC such as detection engineering, triage, and investigations which ultimately free up cycles to focus on proactive activities such as adversary simulation, threat intelligence, SOAR, and threat hunting.
Prerequisite:
The Enterprise Security with Risk-Based Alerting Overview and Demo are a required prerequisite for this workshop. This overview is led by SEs, Security SMEs, CSMs, and Specialists and is designed to provide
any persona in the SOC with both an understanding of the RBA concept as well as help participants visualize the RBA endgame via a compelling and relevant demo.
The workshop agenda is approximately 4 hours and includes:
• High level overview
• Assets & Identities – Exercise
• MITRE ATT&CK Breakdown – Exercise
• Risk Rule – Exercise
• Risk Incident Rule – Exercise
• RBA and Beyond: Art of the Possible
Who Should Attend?
The workshop is designed for personas on a Security Operations team that are responsible for content creation, usually the Detection Engineering team.
What You Need:
This workshop is hands-on, and each user will need access to a modern web browser with internet connectivity. Splunk will provide a cloud environment where the Splunk software and data will reside.
Once registered, you will be sent a calendar invite for the event. If you have any questions about this workshop, please contact bfelicioni@splunk.com
Do I know anyone who works for/on #splunk ?
I'm evaluating its #accessibility for #screenReader users v8.26 for the #tryHackMe #AdventOfCyber challenges and let's just say I have some feedback to share. I can absolutely see that work has been done but I think an expert review is sorely needed :) Who do I talk to about that? #infoSec #cybersecurity
Hey fellow #OpenSearch fans. I'm curious if there's a way to do #Splunk syntax type searches? I came to OpenSearch from solr, graylog, and ELK, so I'm generally content with Lucene syntax, but overcoming the muscle memory has been more challenging from some coworkers that are used to Splunk. I would love to see OpenSearch become more of the goto over Splunk and this capability would go a long way to making that happen.
We’re thrilled to announce that the Investigative Journalism Foundation has been selected as a #Splunk Social Impact grantee helping to bridge the Data Divide!
This opportunity allows us to further our mission of holding power to account by leveraging data for transformative change. Learn more about our journey and other inspiring nonprofits here:
https://www.splunk.com/en_us/blog/splunk-for-good/bridge-data-divide-2024-2025-grantees.html
JOB ALERT
My team (#Splunk #SURGe) is looking for a mid- or senior-level researcher. The job involves participating and leading research teams, then publishing and speaking about what you learn for the benefit of the #cybersecurity community. We are a small team, but very supportive of each other and extremely collaborative. If this sounds like you, apply today!
Hey, I just tested an instance of Splunk and I didn't find this! How did I miss...
"According to Splunk, only instances running on Windows machines are affected by this vulnerability."
Oh. Never mind.
https://www.securityweek.com/splunk-enterprise-update-patches-remote-code-execution-vulnerabilities/
Cisco Talos Incident Response is now available to all #Splunk customers! Learn how Talos IR can help you assess, strengthen and evolve your cybersecurity program and make sure your systems are resilient against the worst-case scenarios http://cs.co/6017YdCpd
The cost of cybersecurity burnout: Impact on performance and well-being https://www.helpnetsecurity.com/2024/07/29/cybersecurity-professionals-stress-burnout-statistics/ #cybersecurity #VeeamSoftware #DeepInstinct #Integrity360 #HackTheBox #Proofpoint #Accenture #burnout #Trellix #Ivanti #report #Splunk #survey #News #CISO
Help Net Security · The cost of cybersecurity burnout: Impact on performance and well-being - Help Net SecurityThis article provides statistics and insights into the levels of stress and burnout experienced by cybersecurity professionals.
Hello Mastodon!
I'm Steven Butterworth, aka UKITGURU. I specialise in InfoSec and SIEM technologies (Splunk, Sentinel, Elastic). As a freelancer, I create and deliver SIEM content, working with gov departments and private sectors. Passionate about Data Science, Data Engineering, and data literacy. Avid triathlon enthusiast—never enough bikes! 
Looking forward to connecting!
#InfoSec
#SIEM
#Splunk
#Sentinel
#DataScience
#Triathlon
#Cycling
Podatność Path traversal w Splunk Enterprise na Windows
W oprogramowaniu Splunk Enterprise działającym na systemach Windows ujawniona została niedawno podatność typu path traversal, pozwalająca atakującemu na nieuprawniony dostęp do plików na podatnym systemie. Błąd może wykorzystać zdalnie nieuwierzytelniony atakujący i sprowadza się do wysłania pojedynczego żądania HTTP GET. Do wykorzystania może dojść w ścieżce /modules/messaging/ na instancjach Splunk z włączonym modułem...
#WBiegu #Cve #PathTraversal #Podatność #Python #Splunk #Websecurity
https://sekurak.pl/podatnosc-path-traversal-w-splunk-enterprise-na-windows/
Sekurak · Podatność Path traversal w Splunk Enterprise na WindowsW oprogramowaniu Splunk Enterprise działającym na systemach Windows ujawniona została niedawno podatność typu path traversal, pozwalająca atakującemu na nieuprawniony dostęp do plików na podatnym systemie. Błąd może wykorzystać zdalnie nieuwierzytelniony atakujący i sprowadza się do wysłania pojedynczego żądania HTTP GET. Do wykorzystania może dojść w ścieżce /modules/messaging/ na instancjach Splunk z włączonym modułem...
Got to bring my father into one of the larger caves - a new experience for him.