Hemant Seth's Blog Posts
Hemant is a Principal Product Manager at Splunk, leading the Kubernetes Monitoring offering within Splunk Observability Cloud. Prior to this role, he focused on Splunk Observability Platform administration, including identity management and license usage. Hemant brings over a decade of experience in the observability domain and holds a Master’s degree in Electrical Engineering with a specialization in Telecommunications.
Display Mode
Paginated
Filter
Author
Author URL
Limit
6
Ransomware Groundhog Day: Elevating Your Program in a High-Threat Environment
REvil attackers exploited Kaseya, a highly trusted management software. Here's how security leaders can take actionable steps to improve your business's defenses.
REvil Ransomware Threat Research Update and Detections
On July 2, 2021, REvil group used Kaseya to distribute malware to its on-premises customers. Splunk has pushed out guidance to help understand and detect REvil. Learn more about the REvil ransomeware group, their tactics, and how to detect them using Splunk.
Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt
Kaseya VSA, remote monitoring management (RMM) software heavily used by managed service providers (MSP), was compromised by REvil, and is being used to distribute ransomware to its on-premises customers. Find out more on how to detect REvil in your environment.
Debugging Microservices with Distributed Tracing and Real-Time Log Analytics
Learn more about how Splunk APM and Splunk Log Observer make debugging microservices with distributed tracing and real-time log analytics fast and easy.
Fashionably Late: The Zero Trust Trend is Here to Stay
Whether you were hip to the zero trust trend before it started being cool, or are arriving fashionably late, learn how to leverage a data-driven approach to achieve zero trust outcomes and improve the overall security capabilities of the organization in the process.
I Pity the Spool: Detecting PrintNightmare CVE-2021-34527
Read on for details around Detect PrintNightmare (CVE-2021-34527), a critical vulnerability that affects the Print Spooler service and can perform remote code execution.