Skip to main content
false
Michael Haag
Michael Haag

Michael Haag is Senior Threat Research at Splunk. Michael led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. An avid researcher, he is passionate about understanding and evaluating the limits of defensive systems. His background includes security analysis, threat research, and incident handling.

Security 5 Min Read

Security Insights: Jenkins CVE-2024-23897 RCE

In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.
Security 6 Min Read

Security Insights: Tracking Confluence CVE-2023-22527

In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.
Security 6 Min Read

Security Insights: Investigating Ivanti Connect Secure Auth Bypass and RCE

The Splunk Threat Research Team has swiftly developed Splunk analytics and hunting queries, helping defenders quickly adapt and respond to emerging threats CVE-2023-46804 and CVE-2024-21887.
Security 7 Min Read

Ghost in the Web Shell: Introducing ShellSweep

Splunk introduces ShellSweep, a suite of utilities designed to detect and combat malicious web shells in servers.
Security 17 Min Read

Deploy, Test, Monitor: Mastering Microsoft Defender ASR with Atomic Techniques in Splunk

Explore Microsoft Defender ASR's role in cybersecurity with Splunk and learn deployment, testing, and monitoring strategies for robust defense.
Security 10 Min Read

Take a SIP: A Refreshing Look at Subject Interface Packages

Splunker Michael Haag dives into Subject Interface Packages (SIPs) and their role in Windows security, exploring how SIPs can be exploited by malicious actors to bypass security measures and sign malicious code.