#splunk — Public Fediverse posts

@da_667 i guess my only question would be how come you aren't doing pkt cap and decryption 24/7 #c2 detection #evasive #arkime #zeek #elastic #kibana #splunk #national treasure

@da_667 i guess my only question would be how come you aren't doing pkt cap and decryption 24/7 #c2 detection #evasive #arkime #zeek #elastic #kibana #splunk #national treasure

@da_667 i guess my only question would be how come you aren't doing pkt cap and decryption 24/7 #c2 detection #evasive #arkime #zeek #elastic #kibana #splunk #national treasure

@da_667 i guess my only question would be how come you aren't doing pkt cap and decryption 24/7 #c2 detection #evasive #arkime #zeek #elastic #kibana #splunk #national treasure

It is very easy to use our vulnerability data with Splunk https://splunkbase.splunk.com/app/4190/ #vuldb #splunk #logging

#Cisco ’s #Splunk will fold #Galileo in with its #ITops products, but #AI apps and #observability introduce a new layer of management that's up for grabs in enterprises.

See what industry experts and practitioners have to say about this organizational conundrum here --> https://www.techtarget.com/searchitoperations/news/366641600/Cisco-Galileo-buy-reflects-blurring-lines-in-AI-observability

#Cisco ’s #Splunk will fold #Galileo in with its #ITops products, but #AI apps and #observability introduce a new layer of management that's up for grabs in enterprises.

See what industry experts and practitioners have to say about this organizational conundrum here --> https://www.techtarget.com/searchitoperations/news/366641600/Cisco-Galileo-buy-reflects-blurring-lines-in-AI-observability

#Cisco ’s #Splunk will fold #Galileo in with its #ITops products, but #AI apps and #observability introduce a new layer of management that's up for grabs in enterprises.

See what industry experts and practitioners have to say about this organizational conundrum here --> https://www.techtarget.com/searchitoperations/news/366641600/Cisco-Galileo-buy-reflects-blurring-lines-in-AI-observability

#Cisco ’s #Splunk will fold #Galileo in with its #ITops products, but #AI apps and #observability introduce a new layer of management that's up for grabs in enterprises.

See what industry experts and practitioners have to say about this organizational conundrum here --> https://www.techtarget.com/searchitoperations/news/366641600/Cisco-Galileo-buy-reflects-blurring-lines-in-AI-observability

#Cisco ’s #Splunk will fold #Galileo in with its #ITops products, but #AI apps and #observability introduce a new layer of management that's up for grabs in enterprises.

See what industry experts and practitioners have to say about this organizational conundrum here --> https://www.techtarget.com/searchitoperations/news/366641600/Cisco-Galileo-buy-reflects-blurring-lines-in-AI-observability

When you interact with Bedrock services, your logs get put into a cloudwatch log group. That sounds great, right? Except ALL bot interactions get put into the SAME log group, making differentiating all those logs a pain.

That's where FireHose comes in, and I wrote some custom lambda to achieve this. All shared at the link in the image :D

#AI #Bedrock #Firehose #Splunk #Elastic

Zobacz jak polować na włamywaczy i na czym polega obsługa incydentów w SOC

W piątek 17 września, o godzinie 19:00 robimy lajwa pt. “Jak naprawdę wygląda praca w SOC“. Zapisać może się każdy, wystarczy kliknąć na poniższy przycisk:

Zapisz się, nawet jeśli ten termin Ci nie pasuje, bo każdy kto się zapisze, otrzyma od nas wieczysty dostęp do nagrania po zakończeniu transmisji. Możesz też otrzymać certyfikat potwierdzający udział.
Threat hunting, w ramach którego poluje się na cyberprzestępców, to bardzo ciekawa praca. Właśnie tym zajmują się pracownicy tzw. SOC-ów (ang. Security Operations Center). Na lajwie pokażemy z jakich narzędzi korzystają, aby wykrywać zagrożenia i obsługiwać incydenty w małych i dużych firmach. Część z tej wiedzy przyda Ci się nie tylko w firmie — możesz ją wykorzystać do ochrony domowej sieci. A jeśli przeszło Ci przez myśl, żeby zmienić pracę i dołączyć do zespołu SOC w jakiejś firmie (albo dopiero zaczynasz swoją karierę w IT), to już w ogóle nasz piątkowy LIVE będzie dla Ciebie idealnym drogowskazem, jak to zrobić i na co uważać.
Co dokładnie pokażemy?
W trakcie spotkania zobaczysz 2 demonstracje:

‍ Jak wyglada analiza przykładowego incydentu?
‍ Jak wygląda przykładowy Threat Hunting

A oprócz tego pokażemy też:

narzędzia używane w profesjonalnych SOC-ach wraz ze szczerym omówieniem wad i zalet (Splunk, Wazuh, Elastic, MITRE, OpenCTI, MISP),
różne stanowiska w SOC-ach oraz to, co powinieneś umieć, aby rozpocząć na nich pracę,
jak zbudować domowy SOC,
gdzie w SOC-ach jest miejsce dla AI i agentów,

Będzie też sekcja Q&A z Michałem Garcarzem, który ma 30 lat doświadczenia w obszarze cyberbezpieczeństwa, a od ponad 10 lat buduje i nadzoruje różne SOC. [...]

#Elastic #MichałGarcarz #MISP #MITRE #OpenCTI #Praca #SecurityOperationsCenter #SOC #Splunk #Wazuh

https://niebezpiecznik.pl/post/zobacz-jak-polowac-na-wlamywaczy-i-na-czym-polega-obsluga-incydentow-w-soc/

Instant Domain Matching Logic for Splunk via Uncoder AI – Source: socprime.com https://ciso2ciso.com/instant-domain-matching-logic-for-splunk-via-uncoder-ai-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #SOCPrimePlatform #socprimecom #UncoderAI #socprime #Splunk #Blog #SPL

How CISOs can talk cybersecurity so it makes sense to executives https://www.helpnetsecurity.com/2025/05/05/ciso-talk-cybersecurity-executives/ #securitycontrols #cybersecurity #OptivSecurity #securityROI #Don'tmiss #boardroom #cyberrisk #Features #Hotstuff #strategy #opinion #Splunk #Team8 #News #CISO #tips #CXO

Let AI Catch the Bugs: Uncoder AI Validates Detection Rule Syntax and Logic – Source: socprime.com https://ciso2ciso.com/let-ai-catch-the-bugs-uncoder-ai-validates-detection-rule-syntax-and-logic-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #SOCPrimePlatform #socprimecom #socprime #Splunk #Kusto #Blog #SPL

From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action – Source: socprime.com https://ciso2ciso.com/from-iocs-to-queries-how-uncoder-ai-automates-threat-intelligence-action-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #socprime #Elastic #Splunk #Kusto #Blog #STIX #IOC

From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action – Source: socprime.com https://ciso2ciso.com/from-iocs-to-queries-how-uncoder-ai-automates-threat-intelligence-action-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #socprime #Elastic #Splunk #Kusto #Blog #STIX #IOC

From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action – Source: socprime.com https://ciso2ciso.com/from-iocs-to-queries-how-uncoder-ai-automates-threat-intelligence-action-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #socprime #Elastic #Splunk #Kusto #Blog #STIX #IOC

From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action – Source: socprime.com https://ciso2ciso.com/from-iocs-to-queries-how-uncoder-ai-automates-threat-intelligence-action-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #MicrosoftSentinel #SOCPrimePlatform #socprimecom #socprime #Elastic #Splunk #Kusto #Blog #STIX #IOC

HIRING: Security Operations Center (SOC) Analyst
/ Remote, LATAM

👉 https://infosec-jobs.com/J93252/

#InfoSec #infosecjobs #CyberSecurity #CyberCareer #cyber #security #jobs #cyberjobs #jobsearch #techjobs #hiring #SOC #SOCAnalyst #AnalystJobs #remotejob #contractjob #Splunk #SIEM #SIEMjobs

About damn time. 😶

https://www.splunk.com/en_us/newsroom/press-releases/2023/cisco-to-acquire-splunk-to-help-make-organizations-more-secure-and-resilient-in-an-ai-powered-world.html

Analysis to follow via @Sageable

#Splunk @Splunk #Cisco @Cisco #Observability #AIOps #Networking #Cybersecurity #SIEM #MandA #Acqusition

Part deux of my #observability and #datamanagement feature series.

https://www.techtarget.com/searchitoperations/feature/Enterprises-rework-log-analytics-to-cut-observability-costs

#loganalytics #splunk #coralogix #netflix #puma #streaminganalytics #itmanagement #itmonitoring #monitorama

Part deux of my #observability and #datamanagement feature series.

https://www.techtarget.com/searchitoperations/feature/Enterprises-rework-log-analytics-to-cut-observability-costs

#loganalytics #splunk #coralogix #netflix #puma #streaminganalytics #itmanagement #itmonitoring #monitorama

Part deux of my #observability and #datamanagement feature series.

https://www.techtarget.com/searchitoperations/feature/Enterprises-rework-log-analytics-to-cut-observability-costs

#loganalytics #splunk #coralogix #netflix #puma #streaminganalytics #itmanagement #itmonitoring #monitorama

Part deux of my #observability and #datamanagement feature series.

https://www.techtarget.com/searchitoperations/feature/Enterprises-rework-log-analytics-to-cut-observability-costs

#loganalytics #splunk #coralogix #netflix #puma #streaminganalytics #itmanagement #itmonitoring #monitorama

Cribl raises $200M to help enterprises do more with their data - At a time when remote work, cybersecurity attacks and increased privacy and compli... - http://feedproxy.google.com/~r/Techcrunch/~3/4w_EfOzoO1g/ #informationtechnology #redpointventures #storagesolution #recentfunding #citiventures #datasecurity #crowdstrike #enterprise #clintsharp #scottraney #developer #computing #startups #greylock #funding #datadog #exabeam #sequoia #splunk #cloud #cribl #crv #ivp #tc

MaC Ventures, the brainchild of Adrian Fenty and Marlon Nichols, is quietly making its first investments - MaC Ventures, the new Los Angeles-based investment firm formed from the merger of Cross Culture Vent... more: http://feedproxy.google.com/~r/Techcrunch/~3/QeS4Ej6lomE/ #crosscultureventures #andreessenhorowitz #entrepreneurship #venturecapital #marlonnichols #intelcapital #troycarter #sumologic #articles #business #blavity #economy #twitter #splunk #tc