Ryan Kovar
Using the Lookup Command for Threat Hunting (Lookup Before You Go-Go)
Lookup commands are basically the #1 place to start any threat hunt in Splunk. Get the expert directions here.
Threat Hunting with Splunk: Hands-on Tutorials for the Active Hunter
Curious about threat hunting in Splunk? Wanna brush up on your baddie-finding skills? Here's the place to find every one of our expert articles for hunting with Splunk.
Using Workflow Actions & OSINT for Threat Hunting in Splunk
Two things will make you a more efficient & effective security analyst: OSINT and workflow actions in Splunk. We've got you covered in this article.
Nothing PUNY About OpenSSL (CVE-2022-3602)
The Splunk SURGe team shares an outline of their interpretation of the CVE-2022-3602 vulnerability and what you can do to detect it in your environment.
Atlassian Confluence Vulnerability CVE-2022-26134
Get a closer look at the Atlassian Confluence Vulnerability CVE-2022-26134, including a breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.
Ransomware Encrypts Nearly 100,000 Files in Under 45 Minutes
Splunk SURGe Report reveals the need for ransomware prevention over response and mitigation.
