Digital Resilience Pays Off
Download this e-book to learn about the role of Digital Resilience across enterprises.
Staff Picks for Splunk Security Reading September 2020
By
Ryan Kovar
|
Howdy, folks! A new month, so a new list of security picks! Splunk security nerds (employees and customers) like to make things. They like to make LOTS of things. But sometimes...they get lost! So as we promised in early 2018, we are bringing you some golden security nuggets you might not have seen before. These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read.
Check out our monthly staff security picks and our all-time best picks for security books and articles. I hope you enjoy!
|
BOTS |
Yeah. I'm doing this. Damn, right I am! Why? Because this is going to be our BIGGEST Boss of the SOC ever, with some massive changes to our backends, and you'll get a peek into the future of BOTS. This year, we will dive into AWS, GCP, ZOOM, breaking vulnerabilities, GSUITE, Azure, and even biologically modified toads. We will be running 3 different sessions for APAC, EMEA, and the Americas. Three different regions... but one single global winner. Read the blog, register for .conf, and BOTS, and we will see you on 19OCT2020! |
|
BOTSBOTS |
Introducing the all-new Adversary Emulation Plan Library by Jon Baker and Forrest Carver MITRE has launched its Adversary Emulation Library. It's a structured, freely available resource to help organizations create plans to test their defenses against specific adversaries. I'm excited to see one of the first major products to emerge from MITRE Engenuity's Center for Threat-Informed Defense. We expect more high-quality resources like this one from this innovative team within MITRE over the next months and years! |
|
BOTSBOTSBOTS |
The Hacker and the State by Ben Buchanan I believe a few months ago I may have mentioned this book was just being released, so I carved out some time to have a read over Labor Day weekend and I really wanted to share that with you this month. Ben looks at how nation states utilize cyber and uses events, primarily over the last 25 years to illustrate these activities. The book is divided into three sections; espionage, attack, and destabilization. Each section covers different subsections like encryption algorithms released in early 2000 by NIST for comment that were identified to have flaws in them, placed by others, that eventually found their way to RSA and Juniper, among others, with disastrous outcomes. Coercion, like the kind of pressure and attacks put on Sony as they were to release The Interview are shared and election interference and the confluence of active measures and cyber in recent elections are also discussed. The book closes with the author's thoughts on hacking and how it can be a solid tool for shaping geopolitical outcomes, but that it really isn't a good way to signal to other countries intent and because of the asymmetry of these actions, these capabilities are being enhanced by countries around the world rapidly and the challenges this causes everyone. |
|
BOTSBOTSBOTSBOTS |
Supply Chain Hackers Indicted by US Justice Department by Brian Krebs Seven Chinese nationals have been indicted by the US Justice Department for taking part in hacking campaigns for over a decade. The seven men are part of the APT41 hacking group, and targeted organizations to steal source code, code signing certificates and other information. One of the allegations I find particularly fascinating is that they would hack a software company to infect their code, with the target being farther downstream. Supply chain attacks are effective ways to bypass a targets defenses, by coming in through a trusted party. |
Related Articles
About Splunk
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
