CYBER SECURITY & COMPLIANCE Professional Services
Professional Services
Cyber Security
Splunk - General
Log Management and Archiving: Centralize all log data for auditing and long-term retention.
Log Collection: Collect logs from devices and applications, indexing them for fast searchability and storing them efficiently.
Splunk - Incident Response & Investigation
Search and Filter: Search for specific indicators of compromise (IOCs) provided by the red team, or anomalies identified by the blue team.
Contextualization: Use Splunk to build a narrative for a suspicious event: search for its parent process, network connections, file modifications, and user activity around that time.
Root Cause Analysis: Dig deep into logs to identify the initial entry point and the vulnerabilities exploited, and then refine playbooks.
Network-based Scans: Use a vulnerability scanner to scan networks, devices, and open ports for known vulnerabilities, misconfigurations, and outdated software.
Vulnerability Analysis & Prioritization: Analyze scan results, validate findings, assess severity, and generate a comprehensive report.