All Posts

Lessons Learned: Integrating AWS MAC Instance in the Splunk Attack Range

Note: this blog was written by Teoderick and myself 🥷🕵️‍♂️. In November 2020, when AWS announced the general availability of macOS instances in AWS EC2 Cloud, the Splunk Threat Research Team took this opportunity to test and implement the instance as an additional endpoint in the Splunk Attack Range.

Collecting Github Traffic Stats into Splunk

It's been a bit since I blogged anything, and I have been itching to dust 🧹 off my blog and start writing more about the tactical things I have been thinking about or playing with.

Building CI pipeline for Splunk Content

Using CircleCI and Splunk AppInspect. I recently worked on writing and open sourcing https://github.com/splunk/TA-osquery. One of my goals was to make sure my code was in compliance with Splunk's best practices at every stage of development.

Search the web from Splunk using Faroo

I have been away for a while, but have been very busy on GitHub. I just wrapped up an app for Splunk that allows you to search the web using keywords from a specific Splunk field.

Made an Auto Mitigation framework by turning Splunk UF into an EDR

Architected and built an auto-mitigation framework in Splunk that can automatically block attacks. Presented and demonstrated the framework at Splunk .conf 2014.

Wrote some early Ansible roles for Splunk

Wrote a two-part series (1, 2) on how to deploy Splunk securely with Ansible.