The Cambridge English Dictionary defines a silo as “a part of a company, organization, or system that does not communicate with, understand, or work well with other parts.” Siloing can exist at various organizational levels: siloed departments, siloed teams within a department, and even siloed engineers within a team. In any industry, siloing can cause issues with alignment, communications, and overall delivery, but in fintech, there are additional risks.

From its inception as a powerhouse for logging, Elastic Observability has grown into a comprehensive solution for full-stack multi and hybrid-cloud observability. Given the increasing complexity of the cloud-native world, the major challenge for observability is twofold: getting deeper and more frictionless visibility at all levels of applications, services, and infrastructure, and making sense of the overwhelming amount of data that is available.

The United States is the #1 target for cybersecurity attacks in the world. 38% of targeted cybersecurity attacks so far in 2022 were aimed at the United States data and systems. That’s alarming. And we see it in the news almost every day. Solarwinds, Colonial Pipeline, The Pulse Secure VPN zero-day… There’s an increasing number of threats and attacks, to the tune of 15.1% year over year.

So, what is Universal Profiling™? Universal Profiling™ is fast emerging as an important component of observability. A standard feature inside hyperscalers since approximately 2010, the technology is slowly percolating into the wider industry. Universal Profiling™ allows you to see what your code is doing all the time, in production across a wide range of languages and can profile both user-space and kernel-space code.

Every security operations center (SOC) team is different, and for smaller teams, even small challenges can seem big. I started my career in cybersecurity as part of a smaller team, and eventually grew into a SOC role. During that time, I gained a good deal of knowledge about the dos and don’ts of what a small SOC team needs to do in order to be successful.

Every millisecond, humans generate significant volumes of data, from various IoT devices such as our wearable devices to daily activities such as internet surfing and tracking our workouts. Data continues to accumulate. Statista estimates that by 2025, the amount of data will have increased to 180 zettabytes. That's far too much information.

As Kubernetes monitoring continues to standardize on Prometheus as a form factor, more and more developers are becoming familiar with Prometheus’ built-in query language, PromQL. Besides being bundled with Prometheus, PromQL is popular for being a simple yet expressive language for querying time series data. It’s been fully adopted by the community, with lots of great query repositories, sample playbooks, and trainings for PromQL available online.

MongoDB is a cross-platform NoSQL database that uses JSON-like documents with optional schema to store data. It was designed for high availability, high performance for high-data persistance use cases, and automatic scaling. Of course, all with the right infrastructure in mind. It is usually a good choice for document-oriented use cases when you need quick prototyping or massive scale. With the massive scale comes massive traffic, though.

A typical bit of feedback I have had during my time at Splunk is that the Splunk Machine Learning Toolkit (MLTK) looks nice and all, but how are we supposed to get started using it? Choosing the right technique, let alone the right algorithm can be a daunting task for those who are unfamiliar with machine learning (ML). We’ve been thinking long and hard about how we can help offer more prescriptive introductions into using ML at Splunk and I’m pleased to present our set of MLTK deep dives.