One of the defining features of snaps is their strong security. Snaps are designed to run isolated from the underlying system, with granular control and access to specific resources made possible through a mechanism of interfaces. Think of it as a virtual USB cable – an interface connects a plug with a slot. Security and privacy conscious users will certainly be interested in knowing more about their snaps – what they can do and which resources they need at runtime.

At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.

A few days ago, our team released Calico v3.16. As part of that release, we have marked the eBPF dataplane as “GA”, signalling that it is now stable and ready for wider use by the community. In this blog post I want to take you through the process of moving from tech-preview to GA.

Splunk Phantom is a security orchestration, automation and response (SOAR) technology that lets customers automate repetitive security tasks, accelerate alert triage, and improve SOC efficiency. Case management features are also built into Phantom, including “workbooks,” that allow you to codify your security standard operating procedures into reusable templates.

In today's world, the need for organisations to have comprehensive cybersecurity solutions in place has never been greater. New vulnerabilities are exposed on a daily basis, and data breaches pose not only monetary but reputational risk.

OpenID Connect (OIDC) is an authentication layer based on OAuth 2.0 protocol that provides a way to identify and authenticate users via an authorization server. OAuth 2.0 authorization servers are managed by identity providers. In the domain associated with OIDC, they are also called OpenID Connect Providers (OPs). OIDC allows users to connect to web applications in a simplistic single sign-on (SSO) manner thanks to the identity provider.

Whether you are planning to use Graylog for security and threat hunting, IT Operations analysis and reporting, or any other use case, getting your logs into Graylog is essential. The process of log collection is sometimes a daunting task, especially if you are planning to collect massive amounts of data. But if you take a minute to answer some key questions before you begin, you can transform the log collection task from daunting to smooth sailing. Here we go with the questions...

Watching too many movies might give you the impression that cyber attacks are launched by well-funded masterminds able to control the internet at their whim. But really, successful attacks can be as simple as disguising some malicious software as a link to an often-used site, and tricking people into clicking it, known as phishing. The result is that many cyber attacks are carried out by taking advantage of unsuspecting end users.

The year 2020 has been a rollercoaster. With nearly every aspect of our daily lives flipped on its head, it’s hard to think of a single thing that went as planned or any of us were prepared for. That is, until it comes to our IT teams. The success of organizations during the reality of an unprecedented global pandemic is due in large part to IT pros’ preparedness and ability to adapt and manage through substantial change.