Took some time to speak to FIRST attendee regarding some of the lessons learned at Zenedge fighting bot attacks. In the presentation, I covered an attacker whom persistently kept coming back to a customer and bypassing our mitigation techniques and how we evolved to protect ourselves.
Just finished 2 blog post on the Splunk blog which covers how to get started with Ansible and deploy harden Splunk instances. Also dive I into how to deploy and manage multiple custom Splunk environment in AWS using Ansible.
Just finished a post over at Splunk blog regarding using EC (Elliptical Curve) certs with in Splunk. Although the explanation was geared towards someone deploy the keys in a Splunk deployment the key pair could be used in any situation (proxy, web server etc.