Security Articles and Resources

The first log that I wanted to parse with our new Splunk Enterprise system was catalina.out log from our CAS server. CAS, or Central Authentication Server, is a web-based, federated, single sign-on service available at http://www.jasig.org/cas/. We use it for, among other things, our authentication for Google Apps for Education. This post contains affiliate links, which means I may receive a small …

Why Are HTTP Security Headers Important? When a user visits your website, their browser and your server exchange a variety of HTTP headers. These headers control caching, content policies, and, crucially, security settings. Without proper configuration, attackers can exploit browser vulnerabilities to steal data, inject malicious scripts, or manipulate user sessions. By setting the right security …

Understanding CAS and Its Importance Central Authentication Service (CAS) is widely used in enterprises and educational institutions to provide single sign-on (SSO) authentication. Tracking which CAS services are most frequently accessed can offer valuable insights into user behavior, application usage, and potential security concerns. Splunk is a powerful tool that can analyze authentication logs …