Guess who's headed to #BHUSA? If you said the #SplunkSecurity crew, then you've hit the jackpot. 🎰 Join us in Las Vegas for insight into how Splunk is powering the #SOC of the future through unified threat detection, investigation and response: https://splk.it/3WCSFdu
Splunk’s Post
More Relevant Posts
-
Quick trip to Las Vegas to showcase how #SplunkSecurity is powering the #SOC of the future? Don't mind if we do. 😎 That's right, folks - we're heading to #BHUSA next month and we hope to see you there! Get all the details and when and where you can learn about Splunk's unified threat detection, investigation and response right here: https://splk.it/465dhy3
-
#Cohesity has teamed up with #CrowdStrike to integrate Falcon Adversary Intelligence into its Data Protection Platform! With this new integration, organizations can bring their own threat intelligence to boost threat detection, run stealthy investigations on backup data, and reduce the risk of reattacks. Elevate your data protection and threat response strategy today! @Cohesity
-
Still around #CrowdStrike #2 Preliminary Post Incident Review (PIR) from CrowdStrike has been published, worth reading, link in the comment. A lot of information that helps you understand what happened, what "Rapid Response Content" is, etc. But also an announcement of changes and better control for customers on the operation of Falcon in their environments: "Provide customers with greater control over the delivery of Rapid Response Content updates by allowing granular selection of when and where these updates are deployed." As I understand it, we need to wait a moment for full Root Cause Analysis😎
-
Vice President of Sales | Cybersecurity Services and Staff Augmentation in IT, AI and Cybersecurity | VerTALENTS & VerSprite
If your organization has been impacted by the recent CrowdStrike outage and needs additional assistance in fixing the issue, please let me know. I can support you with temporary assistance to ensure your operations continue smoothly.
-
CrowdStrike released what looks like their full incident report on their IT Outage incident. I updated my diagram to include the 6 "failures" they documented. I highlighted new information in blue, and pointed to various stages of the pipeline where I think they are talking about where the failure occurred. My current take is if they had one compensating control on any 1 of these 6 failures, this outage would've been mitigated. Here's the link: https://lnkd.in/e2Zkk9hc
-
Under the Hood of SnakeKeylogger: Analyzing its Loader and its Tactics, Techniques, and Procedures | Splunk
amp.splunk.com
-
So, are we all over the world's largest DDoS event yet? It has been done to death, and there's plenty more to come from many publications that obviously don't really understand what they're reporting on. But what did we learn, other than CrowdStrike has (had?) a much larger install base than most people probably expected? We learnt that there's still a strong argument for not allowing random updates into your environment without doing your own due diligence first. Granted, it's not always going to be possible - I am not familiar enough with CrowdStrike Falcon to know if this is an option within their ecosystem. Where it is possible though, it's worth considering what a patch-induced outage would mean to your business and what resilience options best suit your needs/resources. What hat are you wearing today? #awarenessmatters #cyberawareness #securityawareness
-
Still around #CrowdStrike #1 I've read some criticisms mentioning that organizations that relied on Falcon's auto-update as software itself are to blame. However, it is worth mentioning that it was an update as part of the "..."Channel Files" and are part of the behavioral protection mechanisms used by the Falcon sensor. Updates to Channel Files are a normal part of the sensor's operation and occur several times a day in response to novel tactics, techniques, and procedures discovered by CrowdStrike." (from https://lnkd.in/diQnEDct) It is worth remembering that updates to the sensor itself can be controlled via "sensor update policies". As part of the Falcon configuration, you can use staging updates, e.g. the latest versions (n) are available for testing, while for prod you use versions n-1 or n-2. There are organizations that, despite implementing this mechanism, still experience an outage. I guess we in the community were more used to the fact that updating signatures/behavioral mechanisms of EDR can, for example, block critical processes and not immediately cause a BSOD... on the other hand, blocking the explorer.exe or svchost.exe process could also have serious consequences.
-
If anyone is affected by the CrowdStrike event, then they can follow these steps to run the system.
-
Sales & Marketing Rainmaker and Super Connector Helping Subject Matter Experts and Professional Creatives Build Brands and Make Money.
CrowdStrike has one job, to prevent and avoid these kinds of events, not be the cause of them! So now, not only is travel (both personal AND business) being disrupted globally, financial institutions, emergency services and hospitals have been severely affected. If shit really does roll downhill, the repercussions are going to ripple far and wide. This also speaks to a much larger issue of our dependence on technology in general and how vulnerable our global technical infrastructure really is. Needless to say, their shares are tanking in real time right now.