A difficult question we come across with many customers is ‘what does normal look like for my network?’. There are many reasons why monitoring for changes in network behaviour is important, with some great examples in this article - such as flagging potential security risks or predicting potential outages.
As many of us are rediscovering an interest in board games, it feels relevant to make reference to Hasbro’s classic Clue. Understanding what’s going right or wrong in your sprawling digital business can feel a lot like a murder mystery: it was the authentication service in the east region with the memory exhaustion error. This analogy has a weakness when applied to modern operations. The Clue board game had 6 weapons, 6 suspects, and 9 rooms. That’s 324 combinations.
The use of Serverless execution models is expanding extremely rapidly and cloud providers are continuing to enhance their platforms. Per Flexera’s “State of the Cloud” report: Leading this trend for the last two years, Amazon has released a few features that address AWS Lambdas’ pain points and make them a more feasible choice for large scale deployments consisting of numerous applications.
Sitting here in my home office reflecting the potential problems the world faces both in the short term and longer term, I can’t help but think back to my career before coming to Splunk. That time was spent on the ground working ‘in the real world’, maintaining the operational and security state of systems and networks. I can empathise with the huge pressures the entire IT chain from CIOs, CISOs, IT Managers and IT admins are under right now.
Our world has been turned upside down by COVID-19. Whether it's strategically planning our grocery run decontamination process, or trying to keep the kids quiet for even one single moment while on a conference call — things are different. One very evident difference is the change in the way we meet with each other. And one technology enabling this change is Zoom.
In light of COVID-19 related office closures, one thing we’ve seen and heard repeatedly is the “abandoned NOC.” People that are responsible for finding, escalating and resolving problems in your infrastructure and applications quickly are now having to work very differently. Two-minute hallway conversations are replaced with time-consuming emails, Slack, and virtual calls.
In the past few weeks, financial firms and governments have had to build and launch websites in a hurry — for a multitude of reasons including the emergency loan programmes that have been backed by various governments around the world including the USA and Europe.
Algorithms are at the heart of the technologies we use in virtually every facet of our daily lives — formulas and processes that help us connect, solve problems and accomplish amazing things. Things like better speech recognition and landing an autonomous rocket on a drone ship, or giving us really great Netflix recommendations. But an algorithm is just a set of rules or a set of tasks to perform given a certain input.
This blog post is part twenty-four of the "Hunting with Splunk: The Basics" series. I've been dealing with viruses for years, but this is the first time I've written a blog post where we are dealing with actual viruses. Ever since the 2004 tsunami, I have witnessed cyber-baddies using current events to trick users into opening documents or clicking on links. The COVID-19 breakout is no different.
A lot has changed in the past few weeks. And the percentage of us working from home (WFH) has increased tremendously. With increased WFH, we rely more on email communication, and this increases the opportunities for abuse by others. One thing that has stayed constant: bad people want to do bad things. As we have seen in the past, when one avenue of attack is restricted, the fraudsters redouble their efforts in other areas, and online fraud attempts are already increasing during our new normal.
