Rod Soto's Blog Posts

Worked at Prolexic, Akamai, Caspida. Won BlackHat CTF in 2012. Co-founded Hackmiami, Pacific Hackers meetup and conferences.

Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials
Security
7 Minute Read

Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials

In this blog, the Splunk threat research team shows how to detect suspicious activity and possible abuse of AWS Permanent and Temporary credentials.
Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk
Security
6 Minute Read

Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk

Approaching Kubernetes security. Detect and investigate Kubernetes cluster scan and fingerprinting using Splunk.
Splunk Attack Range Now With Caldera and Kali Linux
Security
3 Minute Read

Splunk Attack Range Now With Caldera and Kali Linux

An overview of the updates the Splunk Security Research Team has been working on for Splunk Attack Range, now with Caldera adversarial simulation framework and Kali Linux
Use Cloud Infrastructure Data Model to Detect Container Implantation (MITRE T1525)
Security
7 Minute Read

Use Cloud Infrastructure Data Model to Detect Container Implantation (MITRE T1525)

Using cloud infrastructure data model to detect possible container implantation (Mitre Cloud Matrix technique T1525)