5 Tips to Keep Your Customers Safe this Holiday Season

After a record-breaking Cyber Monday (with online sales soaring to $6.59 billion - a 16.8% increase over last year), Adobe is predicting that this will be the first-ever holiday season to surpass $100 billion in online sales. This is clearly fantastic news if you're in e-...

It's HTTPS Time

I've been seeing an increase in requests for recommendations on adding the protection of HTTPS to client sites. Questions of cost and overall need are the most common.

Do you need HTTPS?

The standard response to this for years has been yes, if your users are sending sensitive data to your website. Data like credit card numbers, personally identifiable information such as Social Security, or confidential content like financial statements or payroll all qualify as sensitive. 
But, I would argue that...

Brute Force Attacks: Splunk Detection and Analytics


One of the longest-standing and most common challenges to both information security and web development teams is the brute force attack. Although this form of attack has been around for many years, it is still one of the most popular and widely used password-cracking methods. In terms of impact, brute force attacks are a very serious threat capable of affecting millions of accounts. If these attacks are not detected and addressed in a timely manner they can lead to theft of intellectual property and personally identifiable information, significant financial losses,...

Fighting Financial Fraud with Splunk


It comes as no surprise that as the banking industry is increasing its online presence, financial organizations are making fraud detection and prevention a top priority. Fraud can have a significant impact to organizations both financially and operationally. Of course, in addition to large monetary losses, damage to reputation and customer relations can also occur that further highlight the impact of fraud.

The ability for organizations to perform advanced analytics on their data is necessary to recognize and respond to patterns of fraud. Simply stated, quicker...

Cutting Risk in Half with Multi-Factor Authentication

We rely on usernames and passwords to access various systems throughout the technology world - from laptops to bank accounts, from cloud storage to blogs - our accounts are protected by these authentication mechanisms. It is easy to forget the importance of these account credentials, until it is too late - if a username and password are breached, an unauthorized user can erase, view, and copy highly sensitive data.


Our Whitepaper, Cutting Risk in Half, explores the different methods and real life examples of how much risk...

Splunking the Linux Audit System

For my last blog we discussed a Splunk topic geared towards the Windows side of the shop (Splunking Microsoft Windows Firewalls). So now it’s time to show some love to the Linux admins out there. More specifically, in today’s blog we will explore some tips for gaining insight into Linux audit logs using Splunk.

A little background on the Linux Audit System

The Linux Audit system provides a way to track security-relevant information on your...

Security Vulnerabilities - Who is to blame?

What used to be an occasional attack on celebrity computer systems, an occasional breach of security for major retailers, and even a rare glimpse into a government institution’s database, has become a common category of news. News and media outlets on regular hacks, breaches, and cyber attacks to celebrity cloud storage, major retail chains, and even recently, the U.S. Senate are constantly updating us. But, who is to blame for all of these attacks?

IT security, and therefore IT security data breaches rely not just on one resource for protection, but the combination of three: people...

Splunking Microsoft Windows Firewalls


Without exception, if you are an experienced security analyst, then you know the importance of firewall logs and the invaluable network traffic related data that they provide. Many of the key strategies of information security revolve around the network traffic of an organization and the rules that govern it. No matter the type of firewall, whether it is a hardware appliance or a software/OS level...

Troubleshooting the Splunk App for Enterprise Security


Welcome Splunkers! In this post, I'd like to talk about an issue I encountered recently when working on a Splunk App for Enterprise Security v2.2.1 (ES app) deployment and the approach I took in troubleshooting it. But before getting started, I'd like to congratulate Splunk and their Security Products team for winning the SC Magazine Award for "Best Security Information/Event Management (SIEM) Solution." Cheers to a job well done!

Initial Installation

As per...

Passwords: Sharks Can Smell a Breach a Mile Away

2013 is not shaping up to be a banner year for Internet security. 2012 saw data breaches like 6.5 million LinkedIn password hashes leaked, 420,000 member accounts from social network Formspring, Yahoo! Voices more than 400,000 usernames and passwords, 1.5 million passwords from the online dating site eHarmony. Twitter is the latest system to suffer an embarrassing security breach with accompanying data loss. Approximately 250,000 accounts holders have had their usernames, email addresses, session tokens and encrypted/salted versions of passwords stolen. Twitter has been as proactive as...

Stay In Touch