Drew Gibson

Learn 8 Min Read

7 Strategic Benefits of Observability for Modern Enterprises

Discover 7 enterprise-level benefits of observability, from faster incident resolution to cost optimization, with real-world outcomes and examples.
Learn 9 Min Read

15 Must-Have SIEM Features for Modern Threat Defense in 2026

Discover the 15 must-have features every modern SIEM needs, from real-time event correlation to UEBA, automation, and cloud support, to detect, investigate, and stop advanced cyber threats.
Industries 2 Min Read

AI in SLED Is Evolving Fast—Here’s How to Stay Ahead

Splunker Cyrus Afkhampour explains why many SLED (State, Local, and Education) institutions face a critical decision as AI adoption accelerates.
CISO Circle 4 Min Read

Busywork Is Breaking the SOC — Here’s How to Fix It

It's time to re-imagine what success looks like in the SOC so the team stays focused on meaningful, strategic work.
Security 13 Min Read

Picture Paints a Thousand Codes: Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader

Uncover how to identify malicious executable loaders that use steganography to deliver payloads such as Quasar RAT.
Security 11 Min Read

Detecting Suspicious ESXi Activity Before Ransomware Happens

Learn to detect suspicious activity using Splunk, including log ingestion, common indicators, and comprehensive detection strategies for VMware ESXi environments.
Learn 4 Min Read

Inside Kubernetes: A Practical Guide to K8s Architecture and Operational Challenges

Understand the core components of Kubernetes architecture, challenges in operating it, and how observability tools help monitor and optimize deployments.

Using RAG, Splunk ES Content Update App (ESCU), and MLTK to Develop, Enhance, and Analyze Splunk Detections

Learn how to enhance Splunk security detections using a local Llama3 LLM, RAG, MLTK, and ESCU.
Partners 5 Min Read

Leveraging Machine Learning, Splunk Enterprise, the Splunk Edge Hub and MQTT for Data Integration

Leverage existing hardware to build new datasets and insights with the combined power of the Splunk Platform and Cisco Meraki.