false
Rod Soto

Rod Soto

Worked at Prolexic, Akamai, Caspida. Won BlackHat CTF in 2012. Co-founded Hackmiami, Pacific Hackers meetup and conferences.

Security 7 Min Read

Approaching Linux Post-Exploitation with Splunk Attack Range

An introduction to linux post exploitation simulation and threat detection using Splunk Attack Range and linux Sysmon.
Security 6 Min Read

Detecting Ryuk Using Splunk Attack Range

A new alert, Ransomware Activity Targeting the Healthcare and Public Health Sector, issued by the CISA poses ongoing and possible imminent attacks against the healthcare sector. Learn how you can detect the Ryuk ransomware as payload with Splunk Attack Range.
Security 5 Min Read

Detecting Google Cloud Platform OAuth Token Abuse Using Splunk

Google Cloud Platform's Identity Access Management (IAM) permissions can be used to move laterally and escalate privileges. Learn how to detect GCP OAuth token abuse and remediate these events with Splunk.
Security 5 Min Read

Detecting CVE-2020-1472 (CISA ED 20-04) Using Splunk Attack Range

Microsoft's recent security disclosure of CVE-2020-1472 is extremely harmful to systems that have not been patched or lack mitigations in place. Learn how to prevent and detect CVE-2020-1472 using Splunk Attack Range.
Security 7 Min Read

Using Splunk to Detect Abuse of AWS Permanent and Temporary Credentials

In this blog, the Splunk threat research team shows how to detect suspicious activity and possible abuse of AWS Permanent and Temporary credentials.
Security 6 Min Read

Approaching Azure Kubernetes Security

Introduction to monitoring security in Azure Kubernetes Clusters using Splunk.