Are you storing data and private information of New York residents? The state has enforced a breach notification law, the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which updates the scope and requirements for protecting consumers’ sensitive information. In...
Security analysts can now collect data quickly and flexibly with a new feature. Traffic Mirroring in AWS makes it possible to transfer traffic to a SIEM (like Splunk) and analyze it. It is intended for cases when you need: - to analyze the actual packets...
Intro: While working for our client with a database hosted on Amazon, we faced the task of forwarding MySQL log files in AWS to Splunk in order to monitor connections to the DB. As a security measure, it was important to detect unusual user activity in case...
We at UnderDefense believe that cybersecurity is a must-have for any successful business. As the threat landscape continues to evolve, many customers now demand it more than before. Almost all new companies use the cloud for their operations as well...
Are you familiar with the pain of trying to install or update a large number of Splunk universal forwarders using only the Splunk toolkit? It seems impossible. That is where “configuration management” tools make a true difference in the everyday life of Splunk...
In 2011 Benjamin Delpy released his side project that most recently became a key component of some ransomware worms that spread across Europe. Mimikatz became a ubiquitous tool in all manner of hacker penetrations, allowing intruders to quickly leapfrog from...