Automated Clean-up of HAFNIUM Shells and Processes with Splunk Phantom
Implement security playbooks to automatically delete Microsoft Exchange Webshells and terminate W3WP spawned processes with Splunk Phantom.
Macros, We Don’t Need No Stinking Macros! — Featuring the New Microsoft O365 Email Add-On
Using Microsoft O365 for your emails? Take a look at the new Microsoft O365 Email Add-on for Splunk to start getting in-depth security and non security data from your emails today.
Detecting Data Exfiltration Via the Use of SNICat
TLS SNI extension can now be used to exfiltrate data. Learn how you can add the SNI detection for use in Splunk Enterprise Security.
