Mauricio Velazco

Mauricio is a Principal Threat Research Engineer at Splunk. Prior to Splunk, he led the Threat Management team at a Fortune 500 organization. Mauricio has presented and hosted workshops at conferences like Defcon, BlackHat, Derbycon, BSides and SANS.

Security 14 Min Read

Splunk Tools & Analytics To Empower Threat Hunters

Calling all threat hunters! This article dives into the many Splunk tools and analytics that can help threat hunters in their day-to-day hunting activities.

Security 17 Min Read

Hunting M365 Invaders: Dissecting Email Collection Techniques

The Splunk Threat Research Team describes various methods attackers may leverage to monitor mailboxes, how to simulate them and how teams can detect them using Splunk’s out-of-the-box security content.

Security 11 Min Read

Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard

The Splunk Threat Research Team outlines the attack chain detailed in the Microsoft blog, offering practical detection and hunting tips for cybersecurity defenders.

Security 17 Min Read

Hunting M365 Invaders: Blue Team's Guide to Initial Access Vectors

Discover insights from the Splunk Threat Research Team on Microsoft 365 threat detection, focusing on data source analysis and effective methods for hunting initial access threats.

Security 9 Min Read

Sharing is Not Caring: Hunting for Network Share Discovery

This post offers a practical guide to enhancing detection strategies against network share discovery, a technique often used by threat actors.

Security 10 Min Read

Detecting Cloud Account Takeover Attacks: Threat Research Release, October 2022

The Splunk Threat Research Team shares a closer look at the telemetry available in Azure, AWS and GCP and the options teams have to ingest this data into Splunk.