Splunk's Mark Troselj explores the findings of Splunk SURGe's recent ransomware report and explains the importance of making risk mitigation a proactive and strategic focus.

The Splunk Threat Research Team is monitoring several malicious payloads targeting Customer Premise Equipment (CPE) devices. These are defined as devices that are at customer (Commercial, Residential) premises and that provide connectivity and services to the internet backbone

We are pleased to announce a new Partner Experience – capture the flag (CTF) on-demand challenges, built by Splunk technology partner Dragos, running in Splunk, hosted on the BOTS platform and available for free!

Splunk's new research report, The State of Security 2022, shares a closer look into the challenges that security organizations face and the strategies they're relying on.

Dive in as the Splunk Threat Research Team shares how Mimikatz, and a few other tools found in Atomic Red Team, access credentials via LSASS memory.

Risk-Based Alerting (RBA) is an intelligent alerting method with SIEM for security operations to operationalize cyber security frameworks like MITRE ATT&CK, Lockheed Martin's Killchain, or CIS20.

Get a breakdown of the features of the new malicious payload used against Ukraine, CaddyWiper.

In this February 2022 release, the Splunk Threat Research Team (STRT) focused on comparing currently created living off the land security content with Sigma and the LOLBas project.

The Splunk Threat Research Team shares a closer look at a new malicious payload named DoubleZero Destructor (CERT-UA #4243).