Registration for .conf25 is open! Join us in Boston September 8–11.
Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.

Latest Articles

Security 13 Min Read

Obey My Logs! AI-Powered Compromised Credential Detection

Splunker Shannon Davis shares a closer look into how to detect compromised credentials with AI-powered PLoB.
Security 1 Min Read

Introducing… The Threat Hunter’s Cookbook!

The security experts on the SURGe team have released The Threat Hunter’s Cookbook, a hands-on guide for security practitioners that features actionable insights into threat hunting methods, ready-to-use queries, and more.
Security 4 Min Read

Securing the Unseen

Learn how Splunk Asset and Risk Intelligence unifies IT/OT visibility, enhances threat detection, and ensures compliance.
Security 9 Min Read

Now Available: OCSF Translation with Splunk Edge Processor

Splunk Edge Processor now translates raw data to OCSF format using new SPL2 commands.
Security 2 Min Read

Splunk Security Content for Threat Detection & Response: July Recap

Learn about the latest security content from Splunk.
Security 3 Min Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts

Our Splunk security experts share their favorite reads of the month so you can follow the most interesting, newsworthy, and innovative stories coming from the wide world of cybersecurity.
Security 12 Min Read

Beyond the Patch: SharePoint Exploits and the Hidden Threat of IIS Module Persistence

The cybersecurity landscape witnessed a perfect storm in July 2025 when multiple critical SharePoint vulnerabilities collided with sophisticated IIS module-based persistence techniques, creating a nightmare scenario for enterprise defenders.
Security 10 Min Read

CitrixBleed 2: When Memory Leaks Become Session Hijacks

Discover how to detect, mitigate, and respond to CitrixBleed 2 (CVE-2025-5777), a critical Citrix NetScaler ADC and Gateway vulnerability exploited in the wild.
Security 20 Min Read

Unlocking Endpoint Network Security Insights with Cisco Network Visibility Module (NVM) and Splunk

Unlock deep endpoint network security insights by integrating Cisco NVM with Splunk.
Security 13 Min Read

Beyond The Click: Unveiling Fake CAPTCHA Campaigns

Learn how clipboard hijacking delivers malware and explore tools like ClickGrab & PasteEater for robust defense strategies.
Security 4 Min Read

Splunk @ SAPPHIRE 2025 Recap: How SAP Customers Use Splunk for World-Class Observability and Security

Splunker Keith Hontz shares a look at the Splunk highlights from SAP SAPPHIRE 2025.
Security 2 Min Read

Splunk Security Content for Threat Detection & Response: June Recap

Learn about the latest security content from Splunk.
Security 16 Min Read

When Installers Turn Evil: The Pascal Script Behind Inno Setup Malware Campaign

Uncover the Inno Setup malware campaign leveraging Pascal scripting to deliver RedLine Stealer.
Security 4 Min Read

Threat Hunting with TLS/SSL Certificates

TLS and SSL certificates are a great way to hunt advanced adversaries. Collect them with Splunk Stream, Bro, or Suricata and hunt in your own data!
Security 6 Min Read

How To Use CloudTrail Data for Security Operations & Threat Hunting

This blog post reviews AWS CloudTrail as a security logging source and how to hunt in it.
Security 4 Min Read

Hunting with SA-Investigator & Splunk Enterprise Security (SIEM)

Discover how Splunk Enterprise Security and the SA-Investigator add-on empower analysts to streamline threat hunting and incident response. Learn how to pivot across assets, identities, and processes for deep-dive investigations and actionable insights. Happy hunting!
Security 7 Min Read

Hunting for Threats in VPCFlows

This article will look at native AWS network telemetry — VPCFlows. We’ll explore what it is, how you can ingest it, and what value it provides from a security perspective.
Security 13 Min Read

XWorm's Shape-Shifting Arsenal: Loader and Stager Variants in the Wild

Explore XWorm's shape-shifting tactics, evolution, and persistence, and how Splunk helps detect this RAT.