Introduction to Intrusion Detection With Splunk
The Windows Event Logs & Finding Evil module familiarized us with log exploration on a single machine to pinpoint malicious activity. Now, we’re...

Splunk Applications
Splunk applications, or apps, are packages that we add to our Splunk Enterprise or Splunk Cloud deployments to extend capabilities and manage specific types of operational data....

What Is Splunk?
Splunk is a highly scalable, versatile, and robust data analytics software solution known for its ability to ingest, index, analyze, and visualize massive amounts of machine...

Threat Hunting Definition
The median duration between an actual security breach and its detection, otherwise termed “dwell time”, is usually several weeks, if not months. This implies a potential...

Section One: Windows Event Logging Basics
Windows Event Logs are an intrinsic part of the Windows Operating System, storing logs from different components of the system including the system...

SIEM Definition & SIEM Fundamentals
What Is SIEM? Crucial within the realm of computer protection, Security Information and Event Management (SIEM) encompasses the utilization of software offerings and solutions...