Drew Church's Blog Posts
Drew Church joined Splunk after almost a decade supporting the Department of Defense in various roles including security operations manager, system administration, and application development.
Display Mode
Paginated
Filter
Author
Author URL
Limit
6
Identifying BOD 23-02 Network Management Interfaces with Splunk
Splunker Drew Church explains the CISA-released directive to reduce risk from internet-exposed management interfaces, highlighting the threat of external remote services.
My Username Fields Have Passwords in Them! What Do I Do?
Sometimes, users put their password into a username field and it gets logged into Splunk – learn how to identify this behavior and remediate it with SOAR.
Detecting CVE-2020-0601 Exploitation Attempts With Wire & Log Data
Learn two simple techniques for detecting CVE-2020-0601 exploitation attempts using Splunk