Navigating Splunk Implementation (with Enterprise Security): A Practical Approach
Selim Seynur in Seynur, Feb 19
In this post, I’d like to go over a Splunk project implementation (on-premises) concerning security. This is based on our experiences as…

Risk-Based Alerting (RBA) with MITRE ATT&CK App for Splunk
Selim Seynur in Seynur, Jan 9, 2023
In this post, I’d like to review Risk-Based Alerting (RBA) in the context of the MITRE ATT&CK App for Splunk with a sample usage. The goal…

Ingesting Event Data from Splunk Forwarder/SC4S to Kafka
Selim Seynur in Seynur, Oct 24, 2022
The goal of this post is to quickly test/analyze methods to send event data from Splunk Forwarders or SC4S to Apache Kafka deployments…

Ingesting Syslog data to Kafka
Selim Seynur in Seynur, Sep 27, 2022
When working with event data analytics, especially for security purposes (i.e. SIEM), syslog becomes an important protocol to ingest data…

Kafka + S3: Long-term searchable/queryable data retention
Selim Seynur in Seynur, Jan 8, 2021
The goal of this post is to provide an alternate solution for a question we have started to face with our clients. What is the best way to…

Detecting Cyber Threats with MITRE ATT&CK App for Splunk — Part 3
Selim Seynur in Seynur, Jun 10, 2020
In this part of the blog series I’d like to focus on writing custom correlation rules. The goal is to utilize MITRE ATT&CK App for Splunk…

Detecting Cyber Threats with MITRE ATT&CK App for Splunk — Part 2
Selim Seynur in Seynur, Apr 17, 2020
In this part of the blog series the goal is to utilize MITRE ATT&CK App for Splunk and associate custom/new correlation searches with…

Detecting Cyber Threats with MITRE ATT&CK App for Splunk
Selim Seynur in Seynur, Mar 12, 2020
The purpose of this blog post is to share our experience and knowledge in our attempts to detect cyber threats with ®. Since we have a…