Tines’ Post

Continuing my weekend of security operations and response, I read through Packt Publishing's Security Orchestration, Automation, and Response for Security Analysts by Benjamin Kovacevic. Benjamin does an excellent job of breaking down the process of a SOAR and how to maximize the use of Microsoft Sentinel, Splunk, and Google Chronicle to automate incident management, investigation, response, and reporting. I recommend this book for anyone that is interested or involved in security operations and incident response. Pick up your copy here: https://a.co/d/dJDMnJO Shruthi Shetty #security #securityoperations #soar #securityautomation

Splunk! This tool helps you make sense of messy logs, uncover valuable insights (buried treasure), and smoothly navigate through a storm of information. Check out these 5 Splunk tricks in your Network. 1. Search like a pro: Forget clunky queries. Splunk's search language is like magic spells for your data. Cast "sourcetype=apache access* | stats count by status" and THAT'S! You've got website traffic stats. 2. Visualize the invisible: Turn dry numbers into dazzling dashboards. Charts, graphs, and even maps bring your data to life, making insights clear for everyone, even landlubbers! ️ 3. Automate everything: Tired of repetitive tasks? Splunk's got your back. Automate reports, alerts, and even incident response, freeing you to explore uncharted data territories. 4. Share the bounty: Collaboration is key! Splunk lets you share dashboards and reports with your team, making data-driven decisions a team sport. Teamwork makes the data kraken dream work! 5. Security's secret weapon: Hackers beware! Splunk monitors your systems like a hawk, detecting threats and breaches before they sink your ship. It's like having a data-powered security guard on duty 24/7. ️ Explore Splunk and discover what your data can do! Just use the right tools and a little curiosity, and you can tame even the largest challenges. #Splunk #DataAnalytics #BigData #Cybersecurity #LinkedIn

📊 70% of CISOs prioritize data loss prevention and data access control as key data security priorities. Our partners at NightDragon shared a deep dive into the current data trends top of mind for CISO's as part of their 2023 #CISOSurvival Guide. 🚀 Check out their blog on what data security trends 📈 to watch, including insights from top CISOs. Read the blog and download the full report here 👉 https://lnkd.in/eratinwx #DataSecurity #CISO #DataAccess #DataLossPrevention #DataTrends

NEW REPORT 📖 : Metomic's 2024 CISO Report is hot off the press. The report takes an in depth look at the current challenges and strategic priorities of CISOs. From ongoing threats like data breaches, phishing and malware attacks, to building a resilient security culture, the environment CISOs are navigating has never been more complex. If you're a CISO, or a data security leader, this report is for you! #SecurityCulture #DataSecurity #CISO #CyberSecurityAwareness

Check out these new features!

Exabeam’s new unified workbench harnesses the power of #generativeAI to streamline and centralize workflows for security analysts. The latest tools not only improve #TDIR capabilities but allows for more manageable networks and higher visibility. Learn more in iTWire.

There’s been no shortage of discussion on Data Centric Security, but Data-Centric Interoperability is one of the major the unspoken reasons **WHY** we are doing it. The recent SITE Summit was really a reminder of how important our work is with our partners. Take a read and let me know what you think. (H/t to folks like Paul Nicholson, Randy Resnick, Jeth R., Fred S., and Don Yeske to helping to bang that DCS/DCI drum and really get it!) #DataCentricInteroperability #DataCentricSecurity #RespectTheData https://lnkd.in/efzhR2-X

Ready for some not-so-breaking news? There’s an uptick in cyberattacks, and the challenges security teams face haven’t changed much in the last year - but Splunk's 2023 State of Security report found some favorable outcomes that can help teams build resilience. Join SURGe's Ryan Kovar and Mick Baccio for a deep dive into the report findings. Register here. #SplunkSecurity

🚀 Excited to share a glimpse into a recent project – a robust single-site Splunk Deployment Cluster I engineered! 📊 Consisting of: 🔹 Indexer Cluster: 3 peer nodes ensuring redundancy and scalability for data indexing. 🔹 Manager Node: Orchestrating the deployment, configuration, and monitoring of Splunk components. 🔹 License Manager: Ensuring compliance and optimizing license usage across the deployment. 🔹 Deployment Server: Facilitating centralized management of configurations and apps. 🔹 Deployment Client: Streamlining the deployment of configurations and apps across distributed environments. 🔹 Search Head: Providing the intuitive interface for real-time searches and analysis. What is Splunk, you ask? 🤔 It's not just another tool; it's a powerhouse Security Information and Event Management (SIEM) solution. 🛡️ From monitoring to parsing, storing to analyzing machine-generated data, Splunk empowers Security Operations Center (SOC) teams to enhance visibility and fortify defenses against evolving threats. Keen to learn more about Splunk? Dive into the details here: https://lnkd.in/geJerpZN #Splunk #SIEM #CyberSecurity #DataAnalysis #DeploymentEngineering 🖥️

🚀 #Splunk Threat Research Team Release 4.19.0!🚨 🔍 New Analytic Stories & Updates: 🌐 CISA AA23-347A: Dive into our latest Analytic Story. 📈 Abnormal Kubernetes Behavior: Leveraging Splunk Infrastructure Monitoring for deeper insights. 🛠️ Updated Analytic Story: Office 365 Account Takeover & Persistence Mechanisms. 🌟 Highlighting New Analytics: 🤖 Kubernetes Anomalies: Unveiling a series of new analytics by Matthew Moore, from network IO to unusual resource utilization. 🪟 Windows Security Enhancements: Unraveling new analytics for account discovery and system user privilege discovery. 🔧 Improved Analytic Experience: 🧩 Updated Azure AD analytics for better CIM Compliance. 📊 Enhanced MITRE ATT&CK navigator JSON files for RAT and Stealer analytic stories. 🔗 Explore More: - Repo: https://lnkd.in/gepz7ekR - Site: https://lnkd.in/gbs7DqZx - SplunkBase: https://lnkd.in/gs_6AbG8 Great work by the team: Mauricio Velazco Bhavin Patel Teoderick C. Lou Stella Gowthamaraj Rajendran Rod Soto Eric McGinnis Patrick Bareiß ! #Splunk #Cybersecurity #ESCU #Kubernetes #Office365 #WindowsSecurity