Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Enter the SOC of the Future in Splunk’s State of Security 2025
Splunk's State of Security 2025: The Stronger, Smarter SOC of the Future reveals the insights, aspirations, and challenges of security leaders.
Breaking Down Termite Ransomware: Infection Methods and Detections
Deep dive into Termite ransomware: Discover its infection methods, targeted vulnerabilities (like Cleo's CVE-2024-50623), and Splunk security detections.
Imposters at the Gate: Spotting Remote Employment Fraud Before It Crosses the Wire
Remote Employment Fraud actors don’t steal credentials—they’re issued them. This blog explores early detection and why security can’t face this threat alone.
Security Staff Picks To Read This Month, Handpicked by Splunk Experts
Our Splunk security experts share their favorite reads of the month so you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Australia Is Investing in Resilience – Are Businesses Ready?
Splunker Craig Bates explains why the most immediate — and underestimated — consequence of disruption isn’t always data loss. It’s downtime.
Cloak and Firewall: Exposing Netsh’s Hidden Command Tricks
Learn about hidden Netsh command tricks, detection methods, and Splunk security detections to protect your Windows systems.
A Data-Driven Approach to Windows Advanced Audit Policy – What to Enable and Why
Maximize visibility without overwhelming your SIEM with this data-driven guide to Windows Advanced Audit Policy.
Splunk at RSAC™ 2025: Helping Users Build the SOC of the Future
Join Splunk at RSAC™ 2025 to discover cutting-edge security solutions for building the SOC of the Future. Explore data management, SIEM advancements, and more.
Supercharge Your SOC Investigations with Splunk SOAR 6.4
Splunker Nick Hunter explains how to integrate Cisco Talos threat intelligence, leverage Azure scalability, and streamline investigations.
The High Cost of Security Investigations
Splunk Asset & Risk Intelligence (ARI) can significantly reduce investigation costs, improve analyst efficiency, and accelerate threat containment.
Splunk Security Ops: Building the Blueprint for Success
Learn how Splunk Global Security runs ops at scale and enables the business by focusing on what matters—solving problems through data, automation, and collaboration.
Sequenced Event Templates via Risk-based Alerting
Splunker Haylee Mills explains how to convert sequenced events into actionable insights using SPL techniques to enhance anomaly detection and improve security analytics.
SOAR: Transforming Security and IT
Splunker Kassandra Murphy explains how to streamline workflows and boost efficiency across your organization with intelligent orchestration and automation.
Logs Are for Campfires: Integrate and Innovate With Splunk Asset and Risk Intelligence
Splunker Jerald Perry explains how to stay ahead of threats with streamlined workflows and comprehensive insights into your security posture.
Defending at Machine-Speed: Accelerated Threat Hunting with Open Weight LLM Models
Splunker Ryan Fetterman explains how Splunk DSDL 5.2 enhances cybersecurity operations, streamlining PowerShell script classification and reducing analyst workload by 250x.
Sinister SQL Queries and How to Catch Them
Discover comprehensive strategies for detecting and mitigating SQL Server attacks.
SNARE: The Hunters Guide to Documentation
Discover the SNARE framework for effective threat hunting documentation.
Exploring AI for Vulnerability Investigation and Prioritisation
Splunker James Hodgkinson explains how AI-driven tools can revolutionize vulnerability investigation and prioritization.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
