We have open-sourced the Boss of the SOC dataset (ver1.0) and BOT(S|N) scoring server. They can be used to run your own CTF, perform research, or train your internal users!
A new Enterprise Security Content Update Analytic Story helps you monitor for suspicious events that could indicate that an adversary has compromised your cloud.
When facing the GDPR, your SIEM solution can be a great support for your organisation's compliance strategy, but if it is not strengthened, it can also be your downfall.
A monthly series of selected content from the Splunk security world. Each month will have a new selection of Splunk security presentations, white papers, or blog posts that you might have missed.
The latest version of Splunk Enterprise Security, v5.0, introduces Investigation Workbench, which streamlines investigations and accelerates incident response.