Security Blogs
Latest Articles
Hunting M365 Invaders: Dissecting Email Collection Techniques
The Splunk Threat Research Team describes various methods attackers may leverage to monitor mailboxes, how to simulate them and how teams can detect them using Splunk’s out-of-the-box security content.
Elevating Security: The Growing Importance of Open Cybersecurity Schema Framework (OCSF)
Splunker Paul Agbabian shares what's new in the Open Cybersecurity Schema Framework (OCSF) and how profiles can augment the natural structure of event classes and categories.
Explore the AI Frontier in Splunk’s State of Security 2024
Splunk's State of Security 2024: The Race to Harness AI report reveals the insights, aspirations, and challenges of security leaders.
How To Start Threat Hunting: The Beginner's Guide
Ready to hunt threats? Starting a hunt in a new data environment? This is the place to begin! We've got you covered in this threat hunting 101 tutorial.
Staff Picks for Splunk Security Reading April 2024
Splunk security experts share their list of presentations, whitepapers, and customer case studies from April 2024 that they feel are worth a read.
Detecting & Hunting Named Pipes: A Splunk Tutorial
Named pipes can be threats, too. In this comprehensive article, we are going to talk about detecting, hunting and investigating named pipes.
From Water to Wine: An Analysis of WINELOADER
In this blog post we'll look closely at the WINELOADER backdoor and how Splunk can be used to detect and respond to this threat.
Splunk SOAR Playbook of the Month: Cisco Umbrella DNS Denylisting
Cisco and Splunk can help users achieve more comprehensive security with a playbook that combines the power of Cisco Umbrella and Splunk SOAR.
Splunk at RSAC 2024: Powering the SOC of the Future
Visit Splunk at RSAC 2024 and see how we can help you evolve to the SOC of the future.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
