Security

Security

What the WEF... Choosing Windows Event Forwarding or Splunk Universal Forwarder

Forwarding Windows events and machine data into Splunk is essential, but this post isn't about the "why"; it's about the "how."

Security

The Five Essential Capabilities of an Analytics-Driven SOC: Proactively Hunt and Investigate

See how Splunk can take organizations from having zero visibility into threats, to building a rich and sophisticated platform with the ability to automate threat hunting

Security

I Need To Do Some Hunting. Stat!

Learn how to use the three different stats commands for hunting adversaries in Splunk

Security

Why Big Data Protection is a Team Sport

Data protection and recovery requirements have moved beyond traditional security solutions

Security

The Five Essential Capabilities of an Analytics-Driven SOC: Advanced Analytics

Advanced analytics enables capabilities such as threat and vulnerability management, incident prioritization, advanced threat detection and threat hunting

Security

Peeping Through Windows (Logs)

This "Back to Basics" hunting blog post outlines several of the most common and useful event codes that hunters can look for from Windows Event Logs