August 2022
Open Cybersecurity Schema Framework (OCSF) Project
Splunk is excited to participate in the recently announced Open Cybersecurity Schema Framework (OCSF) project. OCSF is an open-source standard, delivering a common and extensible, vendor-agnostic taxonomy to help all security teams realize better, faster data ingestion and analysis without the time-consuming up-front normalization tasks.
Splunk, together with co-founding member AWS, worked with 16 other leading cybersecurity and technology organizations, including Cloudflare, CrowdStrike, DTEX, IBM Security, IronNet, JupiterOne, Okta, Palo Alto Networks, Rapid7, Salesforce, Securonix, Sumo Logic, Tanium, Trend Micro, and Zscaler. This coalition represents a wide spectrum of security technologies, which aligns with the project’s goal to become the security event standard for any environment, application, or solution provider, and fits with existing security standards and processes.
Check out our blog to learn more. Interested in the OCSF project itself or how to become a contributor? Visit the project page at https://github.com/ocsf.
Enterprise Security Content Update v3.46.0
The recent release of Enterprise Security Content Update (ESCU) includes 24 new detections and 5 new analytic stories, which you can find on GitHub, Splunkbase, or via API update in Splunk Security Essentials (SSE). Below are a few release highlights, or you can explore further at research.splunk.com:
Security Made Stronger with Splunk UBA 5.1
Splunk User Behavior Analytics (UBA) version 5.1 is here. In this new version, Splunk continues to build upon our industry-leading behavioral analytics platform. UBA 5.1 provides new operating system support, installation and configuration upgrades, security vulnerability patches, and per-data-source custom configuration. To learn more, check out the blog.
Splunk Detections: Malicious Payloads and Destructive Software
The Splunk Threat Research Team (STRT) actively monitors the emergence of new cyber threats within ongoing events in Eastern Europe, and recently developed several detections to help defend against malicious payloads and destructive software.
View our on-demand webinar to learn more about:
Splunk SOAR and Splunk Enterprise Security Named Customer Favorites by TrustRadius
Splunk is honored to be the recipient of a series of awards from TrustRadius—all based on customer reviews. In the security category, Splunk SOAR and Splunk Enterprise Security came out on top!
Not too shabby! To learn more about the TrustRadius awards, check out the blog. You can also leave your own review here.