One of our most exciting new projects at Splunk is coming to life. Over the past year, we have been hard at work putting together our vision: a place where Splunk admins, NOC/SOC teams, data analysts, and data scientists can collaborate, experiment, and operationalize their work, all in a single environment inside the Splunk ecosystem. We call it Splunk Machine Learning Environment (SMLE).

Every organization that uses AWS has a set of user accounts that grant access to resources and data. The Identity and Access Management (IAM) service is the part of AWS that keeps track of all the users, groups, roles and policies that provide that access. Because it controls permissions for all other services, IAM is probably the single most important service in AWS to focus on from a security perspective.

As the Trump Administration comes to a close, there is no better time than the present to reexamine the Department of Defense Digital Modernization Strategy and its potential sustainment beyond January 2021.

Recently, I’ve been on a mission building a new Microsoft Office 365 Email Add-on for Splunk. This has been built for use with Splunk Enterprise, while making sure that it properly supports Splunk’s Common Information Model (CIM). CIM is paramount when wanting data to play nicely with Splunk Enterprise Security.

With Kinesis Firehose being Splunk’s preferred option when collecting logs at scale from AWS Cloudwatch Logs, we’ve seen plenty of posts on setting this up, automation and examples on transforming event content. But what about when things go wrong?

Machine learning (ML) and analytics make data actionable. Without it, data remains an untapped resource until a person (or an intelligent algorithm) analyzes that data to find insights relevant to addressing a business problem. For example, amidst a network outage crisis a historical database of network log records is useless without analysis. Resolving the issue requires an analyst to search the database, apply application logic, and manually identify the triggering series of events.

I hope I’m not alone in starting 2021 with some sense of optimism. While several hard months remain ahead of us, I am hopeful and also expecting that some sense of normality will return by the summer months. Either way, this gives us an opportunity to reflect on the challenges we have faced. 2020 was testing. We learnt a lot about ourselves and our businesses in the most challenging of circumstances.

In early October 2020, the Department of Defense released its long-anticipated and much needed Data Strategy. This strategy is the latest installment under the Department’s Digital Modernization Strategy, which was released in July 2019, and focused on the key strategic pillars of enterprise cloud adoption, artificial intelligence, command, control, communications, cybersecurity, and IT reform.

Fraud rates for Unemployment Insurance Benefits (UIB) and Pandemic Unemployment Assistance (PUA) are out of control. In May 2020, Brian Krebs of Krebsonsecurity published two articles detailing fraud that was occurring in several different state’s UIB portals. These states had been warned by the US Secret Service to be on the lookout for this. Reading the articles, the common theme is that many states are missing rudimentary controls for combating fraud.