Latest Articles

Security
7 Minute Read
Detecting DNS Exfiltration with Splunk: Hunting Your DNS Dragons
DNS data is an all-too-common place for threats. Find out how to use Splunk to hunt for threats in your DNS. We will slay those DNS dragons.

Security
9 Minute Read
Don’t Get a PaperCut: Analyzing CVE-2023-27350
The Splunk Threat Research team shares insights on the CVE-2023-27350 vulnerability, proof of concept scripts, setting up Splunk logging, and detecting adversaries for secure printing.

Security
3 Minute Read
Splunk SOAR Playbook of the Month: Tackling Phishing Attempts with Identifier Reputation Analysis
Learn how you can use Splunk's identifier reputation analysis playbooks to implement a workflow that will help your team automate the alert and quarantine processes for potential threats based on key identifiers.

Security
11 Minute Read
Do Not Cross The 'RedLine' Stealer: Detections and Analysis
The Splunk Threat Research Team provides a deep dive analysis of the RedLine Stealer threat and shares valuable insights to help enable blue teamers to defend against and detect this malware variant.

Security
3 Minute Read
Staff Picks for Splunk Security Reading May 2023
Welcome to the Splunk staff picks, featuring a curated list of presentations, whitepapers, and customer case studies that our Splunk security experts feel are worth a read.

Security
2 Minute Read
OCSF Goes Into High Gear with Amazon Security Lake Launch and New OCSF Release Candidate
Splunk's Paul Agbabian shares two new major OCSF developments – the general availability of Amazon Security Lake and Splunk Add-On for AWS v.7.0, and Release Candidate 3 launching for public review.

Security
4 Minute Read
Your Roadmap to Success with Risk-Based Alerting
Splunker Haylee Mills dives deeper into the four levels of the Splunk Risk-Based Alerting journey.

Security
9 Minute Read
Model-Assisted Threat Hunting (M-ATH) with the PEAK Framework
Welcome to the third entry in our introduction to the PEAK Threat Hunting Framework! Taking our detective theme to the next level, imagine a tough case where you need to call in a specialized investigator. For these unique cases, we can use algorithmically-driven approaches called Model-Assisted Threat Hunting (M-ATH).

Security
10 Minute Read
Trust Unearned? Evaluating CA Trustworthiness Across 5 Billion Certificates
In this blog post, we dive into our recent research project, in which the Splunk SURGe team analyzed more than five billion TLS certificates to find out if the CAs we rely on are really worthy of our trust.