At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.

A few days ago, our team released Calico v3.16. As part of that release, we have marked the eBPF dataplane as “GA”, signalling that it is now stable and ready for wider use by the community. In this blog post I want to take you through the process of moving from tech-preview to GA.

Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks,” that allow you to codify your security standard operating procedures into reusable templates.

Whether you are planning to use Graylog for security and threat hunting, IT Operations analysis and reporting, or any other use case, getting your logs into Graylog is essential. The process of log collection is sometimes a daunting task, especially if you are planning to collect massive amounts of data. But if you take a minute to answer some key questions before you begin, you can transform the log collection task from daunting to smooth sailing. Here we go with the questions...

In today's world, the need for organisations to have comprehensive cybersecurity solutions in place has never been greater. New vulnerabilities are exposed on a daily basis, and data breaches pose not only monetary but reputational risk.

OpenID Connect (OIDC) is an authentication layer based on OAuth 2.0 protocol that provides a way to identify and authenticate users via an authorization server. OAuth 2.0 authorization servers are managed by identity providers. In the domain associated with OIDC, they are also called OpenID Connect Providers (OPs). OIDC allows users to connect to web applications in a simplistic single sign-on (SSO) manner thanks to the identity provider.

Watching too many movies might give you the impression that cyber attacks are launched by well-funded masterminds able to control the internet at their whim. But really, successful attacks can be as simple as disguising some malicious software as a link to an often-used site, and tricking people into clicking it, known as phishing. The result is that many cyber attacks are carried out by taking advantage of unsuspecting end users.

The year 2020 has been a rollercoaster. With nearly every aspect of our daily lives flipped on its head, it’s hard to think of a single thing that went as planned or any of us were prepared for. That is, until it comes to our IT teams. The success of organizations during the reality of an unprecedented global pandemic is due in large part to IT pros’ preparedness and ability to adapt and manage through substantial change.

Database security is essential to keep your business’s data and files security from others that do not need access. Whether you are a small business owner or are a database administrator for a medium or large company, you need to have a solid understanding of data security basics.

Surprisingly, many organizations have yet to move beyond the traditional compliance-driven approach to cybersecurity. However, to address today’s risk of a cyber breach — which can lead to an organization’s data being compromised or a disruption to business operations — cybersecurity organizations need to focus on delivering the level of security required to protect corporate assets and align with the strategic goals and objectives of the business.