false
Marcus LaFerrera

Marcus LaFerrera

US | JP | Pentagon | DARPA | Splunk

Security 2 Min Read

Introducing Synthetic Adversarial Log Objects (SALO)

Synthetic Adversarial Log Objects (SALO) is a framework for the generation of log events without the need for infrastructure or actions to initiate the event that causes a log event. Learn more about its purpose and how you can utilize it.
Security 2 Min Read

Introducing ATT&CK Detections Collector

Automate and simplify finding detections against ATT&CK techniques used by adversaries with Splunk SURGe's open-sourced project, ATT&CK Detections Collector (ADA).
Security 9 Min Read

Log4Shell - Detecting Log4j Vulnerability (CVE-2021-44228) Continued

Good news, you can use Splunk to proactively hunt using Network Traffic and DNS query logs data sources to detect potential Log4Shell exploit. From Splunk SURGe, learn even more detections against CVE-2021-44228.
Security 4 Min Read

CISA’s Known Exploited Vulnerabilities Catalog and Splunk

Accompanying today’s announcement from CISA (BOD 22-01) and their new Known Exploited Vulnerabilities Catalog, SURGe and Splunk Threat Research Team (STRT) have coordinated to add functionality into Enterprise Security Content Updates (ESCU). This added functionality will help network defenders understand vulnerability context alongside relevant ESCU detections.
Security 4 Min Read

High(er) Fidelity Software Supply Chain Attack Detection

Software supply chain attacks are not going away. As our network defenses improve, adversaries must move up the chain to stay a step ahead of our defenses.
Security 9 Min Read

A Golden SAML Journey: SolarWinds Continued

The SolarWinds Orion compromise resulted in the first recorded use of Golden SAML in the wild. Learn how you can start detecting this in Splunk now.