mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

7.6K
active users

#SplunkSecurity

0 posts0 participants0 posts today
Beth Pariseau<p>At first glance, there are some obvious ways the two companies could come together, but analysts and IT pros also identify potential snags as Cisco prepares to absorb Splunk for $28B.</p><p><a href="https://www.techtarget.com/searchitoperations/news/366552861/IT-pros-react-to-blockbuster-28B-Cisco-Splunk-deal" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">techtarget.com/searchitoperati</span><span class="invisible">ons/news/366552861/IT-pros-react-to-blockbuster-28B-Cisco-Splunk-deal</span></a></p><p><a href="https://hachyderm.io/tags/SIEM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SIEM</span></a> <a href="https://hachyderm.io/tags/observability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>observability</span></a> <a href="https://hachyderm.io/tags/securityanalytics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityanalytics</span></a> <a href="https://hachyderm.io/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://hachyderm.io/tags/Splunk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Splunk</span></a> <a href="https://hachyderm.io/tags/splunksecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>splunksecurity</span></a> <a href="https://hachyderm.io/tags/cisco" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cisco</span></a> <a href="https://hachyderm.io/tags/fullstackobservability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fullstackobservability</span></a> <a href="https://hachyderm.io/tags/securityanalytics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityanalytics</span></a> <a href="https://hachyderm.io/tags/securityautomation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityautomation</span></a></p>
gregf<p>I made a Splunk app for External Attack Surface Management (EASM). It's not going to compete with the big boys, but it's powerful, extensible, free and open-source.</p><p>It wraps an API around Project Discovery's recon tools, with <br>Splunk running discovery jobs and dashboarding results.</p><p>- <a href="https://splunkbase.splunk.com/app/7010" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">splunkbase.splunk.com/app/7010</span><span class="invisible"></span></a> (SplunkBase)<br>- <a href="https://github.com/gf13579/splunk_easm_worker" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/gf13579/splunk_easm</span><span class="invisible">_worker</span></a> (GitHub - Worker)<br>- <a href="https://github.com/gf13579/splunk_app_for_easm" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/gf13579/splunk_app_</span><span class="invisible">for_easm</span></a> (GitHub - App)</p><p><a href="https://infosec.exchange/tags/splunk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>splunk</span></a> <a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a> <a href="https://infosec.exchange/tags/easm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>easm</span></a></p>
David J. Bianco (He/Him)<p>My colleague <span class="h-card"><a href="https://infosec.exchange/@iknowuhack" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>iknowuhack</span></a></span> just published the 3rd post in our <a href="https://infosec.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatHunting</span></a> series, "Model-Assisted Threat Hunting (M-ATH) with the <a href="https://infosec.exchange/tags/PEAK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PEAK</span></a> Framework".</p><p>Find out how to leverage machine learning in your hunts!</p><p><a href="https://www.splunk.com/en_us/blog/security/peak-framework-math-model-assisted-threat-hunting.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">splunk.com/en_us/blog/security</span><span class="invisible">/peak-framework-math-model-assisted-threat-hunting.html</span></a></p><p><a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a> <a href="https://infosec.exchange/tags/SURGe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SURGe</span></a> <a href="https://infosec.exchange/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ML</span></a> <a href="https://infosec.exchange/tags/MachineLearning" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MachineLearning</span></a></p>
David J. Bianco (He/Him)<p>Are the CAs we rely on to validate web identities up to the task? Do any sign more than (or less than) their share of malicious certs? </p><p>I downloaded all 5B certs to find out.</p><p>New Blog: <a href="https://www.splunk.com/en_us/blog/security/trust-unearned-evaluating-ca-trustworthiness-across-5-billion-certificates.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">splunk.com/en_us/blog/security</span><span class="invisible">/trust-unearned-evaluating-ca-trustworthiness-across-5-billion-certificates.html</span></a></p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a> <a href="https://infosec.exchange/tags/SURGe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SURGe</span></a></p>
David J. Bianco (He/Him)<p>Just published the next blog in our <a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a> <a href="https://infosec.exchange/tags/SURGe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SURGe</span></a> series on the <a href="https://infosec.exchange/tags/PEAK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PEAK</span></a> <a href="https://infosec.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatHunting</span></a> Framework: "Hypothesis-Driven Hunting with the PEAK Framework"</p><p><a href="https://www.splunk.com/en_us/blog/security/peak-hypothesis-driven-threat-hunting.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">splunk.com/en_us/blog/security</span><span class="invisible">/peak-hypothesis-driven-threat-hunting.html</span></a></p><p>Look for future posts covering more hunt types and other framework topics coming soon!</p>
DomainTools<p>DomainTools <span class="h-card"><a href="https://mstdn.social/@gclef" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gclef</span></a></span> joins <span class="h-card"><a href="https://infosec.exchange/@DavidJBianco" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>DavidJBianco</span></a></span> tomorrow at 11AM PT to chat about their collaboration on a research project evaluating the trustworthiness of certificate authorities using <a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a>. Be sure to tune in here: <a href="https://www.linkedin.com/events/7059605596509016064/comments/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">linkedin.com/events/7059605596</span><span class="invisible">509016064/comments/</span></a></p>
David J. Bianco (He/Him)<p>I love this <a href="https://infosec.exchange/tags/RSAC23" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSAC23</span></a> talk by Lillian Teng and my <a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a> colleague <span class="h-card"><a href="https://infosec.exchange/@audrastreetman" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>audrastreetman</span></a></span> on inclusive hiring in <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a>. </p><p>It's way too hard to get started in this field, and we're shooting ourselves in the foot. Learn how to hire better!</p><p><a href="https://www.rsaconference.com/USA/agenda/session/Rethinking%20Recruiting%20Effective%20Hiring%20Practices%20to%20Close%20the%20Skills%20Gap" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">rsaconference.com/USA/agenda/s</span><span class="invisible">ession/Rethinking%20Recruiting%20Effective%20Hiring%20Practices%20to%20Close%20the%20Skills%20Gap</span></a></p>
David J. Bianco (He/Him)<p>Video of my <a href="https://infosec.exchange/tags/RSAC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSAC</span></a> talk (as presented by <span class="h-card"><a href="https://infosec.exchange/@meansec" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>meansec</span></a></span>) is up! </p><p>"Trust Unearned? Evaluating CA Trustworthiness Across 5 Billion Certificates"</p><p>Video: <a href="https://www.rsaconference.com/USA/agenda/session/Trust%20Unearned%20Evaluating%20CA%20Trustworthiness%20Across%202%20Billion%20Certificates" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">rsaconference.com/USA/agenda/s</span><span class="invisible">ession/Trust%20Unearned%20Evaluating%20CA%20Trustworthiness%20Across%202%20Billion%20Certificates</span></a></p><p>Slides: <a href="https://speakerdeck.com/davidjbianco/trust-unearned-evaluating-ca-trustworthiness-across-5-billion-certificates" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">speakerdeck.com/davidjbianco/t</span><span class="invisible">rust-unearned-evaluating-ca-trustworthiness-across-5-billion-certificates</span></a></p><p>Data: splk.it/CATrust</p><p><a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a> <a href="https://infosec.exchange/tags/SURGe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SURGe</span></a></p>
David J. Bianco (He/Him)<p>If you liked the <a href="https://infosec.exchange/tags/PEAK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PEAK</span></a> <a href="https://infosec.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatHunting</span></a> framework we published last week, be sure to stop by the Splunk booth at <a href="https://infosec.exchange/tags/RSAC2023" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSAC2023</span></a> (N-5770) on Wednesday at 1:30. PEAK co-creator <span class="h-card"><a href="https://infosec.exchange/@iknowuhack" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>iknowuhack</span></a></span> will be giving a short talk about it!</p><p><a href="https://www.splunk.com/en_us/blog/security/peak-threat-hunting-framework.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">splunk.com/en_us/blog/security</span><span class="invisible">/peak-threat-hunting-framework.html</span></a></p><p>@splunk <a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a> <a href="https://infosec.exchange/tags/SURGe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SURGe</span></a></p>
Tanya Janca | SheHacksPurple :verified: :verified:<p>It's that time of year... <span class="h-card"><a href="https://twtr.plus/users/splunk" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>splunk</span></a></span> has released it's "State of Security" report! First point they share is that 88% of respondents say it's near-impossible to hire security folks. Maybe they need some training? HMMMMM.<br><a href="https://www.splunk.com/en_us/form/state-of-security.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">splunk.com/en_us/form/state-of</span><span class="invisible">-security.html</span></a><br><a href="https://infosec.exchange/tags/SplunkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SplunkSecurity</span></a></p>