Operations | Monitoring | ITSM | DevOps | Cloud

Splunk

Operationalizing HashiCorp Vault: Introducing a New Splunkbase App to Monitor Vault

We are excited to announce the availability of the Splunk App for HashiCorp Vault. Using this app, organizations can seamlessly ingest and visualize performance metrics and audit logs in Splunk to investigate, monitor, analyze and act on Vault data across DevSecOps use cases.

Splunking Slack Audit Data

The Slack Audit Logs API is for monitoring the audit events happening in a Slack Enterprise Grid organization to ensure continued compliance, to safeguard against any inappropriate system access, and to allow the user to audit suspicious behavior within the enterprise. This essentially means it is an API to know who did what and when in the Slack Enterprise Grid account. We are excited to announce the Slack Add-on for Splunk, that targets this API as a brand new data source for Splunk.

CI/CD Detection Engineering: Splunk's Security Content, Part 1

It's been a while since I've had the opportunity to take a break, come up for air, and write a blog for some of the amazing work the Splunk Threat Research team has done. We have kept busy by shipping new detections under security-content (via Splunk ES Content Update and our API). Also, we have improved the Attack Range project to allow us to test detections described as test unit files.

Nation-State Espionage Targeting COVID-19 Vaccine Development Firms - The Actions Security Teams Need To Take Now!

Throughout the duration of COVID-19, there have been consistent rumors of increased nation-state espionage. In parallel, many recent ransomware strains have a COVID-19 tie-in. Now the United Kingdom's National Cyber Security Centre (NCSC), published an advisory report that the threat group APT29 is targeting governmental, diplomatic, think-tank, healthcare and energy targets for intelligence gain which are involved in COVID-19 vaccines development and testing.

Tackling Financial Crime is a Matter of Data: Fresh Thinking on an Age-Old Problem

Financial firms need to take a holistic view on their financial crime defenses to keep pace with the changing crime landscape. Dealing with the onslaught of attacks has historically elicited a Pavlovian response to this age-old problem — increased regulations or tighter risk management protocols, which in turn have proven to be ineffective over the long term.

Splunk Remote Work Insights - Now Available on Mobile!

The way we work has fundamentally changed in recent months due to the impact of the global COVID-19 pandemic. As more employees are working remotely, organizations are looking at new ways to ensure their workers can stay productive and secure. We released Splunk Remote Work Insights (RWI) to help IT and security teams have insight into the systems that their employees rely upon while working remotely.

Splunk and the WEF - Working Together to Unlock the Potential of AI

Use of AI can be critical when developing systems to support social good, with some inspiring examples using Splunk in healthcare and higher education organisations. According to our State of Dark Data report, however, only 15% of organisations admit they are utilising AI solutions today due to lack of skills. So how can we help organisations unlock the potential of AI?

Using Observability as a Proxy for Customer Happiness

Today, users and customers are driven by response rates to their online requests. It’s no longer good enough to just have a request run to completion, it also has to fit within the perceived limits of “fast enough”. Yet, as we continue to build cloud-native applications with microservice architectures, driven by container orchestration like Kubernetes in public clouds, we need to understand the behavior of our system across all aspects, not just one.

How to Modernize Your Security Operations Center (SOC)

In an evolving world, the modernization of the security operations center (SOC) is pivotal to the success of digital transformation initiatives. Security teams, however, are facing a shortage of cybersecurity professionals and struggling to detect and prioritize high-priority threats. Analysts in data-driven organizations can combat these issues by bringing people, process and technology together.