Latest Articles
displayMode
paginated
category
Security
showImagesOnMobile
false

Security
10 Minute Read
Deep Dive on Persistence, Privilege Escalation Technique and Detection in Linux Platform
Deep dive with the Splunk Threat Research Team on Linux Privilege Escalation and Linux Persistence Techniques.

Security
6 Minute Read
Linux Persistence and Privilege Escalation: Threat Research January 2022 Release
In this January 2022 release, The Splunk Threat Research (STRT) team focused on the recently released Sysmon for Linux technology addition to Splunk.

Security
2 Minute Read
Staff Picks for Splunk Security Reading February 2022
Each month, Splunk security experts curate a list of news articles, research, white papers, and customer case studies that we feel are worth a read. We hope you enjoy!

Security
2 Minute Read
Introducing Synthetic Adversarial Log Objects (SALO)
Synthetic Adversarial Log Objects (SALO) is a framework for the generation of log events without the need for infrastructure or actions to initiate the event that causes a log event. Learn more about its purpose and how you can utilize it.

Security
2 Minute Read
Staff Picks for Splunk Security Reading January 2022
Welcome to the Splunk staff picks blog. Each month, Splunk security experts select presentations, white papers, and customer case studies that we feel are worth a read. We hope you enjoy.

Security
11 Minute Read
Threat Advisory: STRT-TA02 - Destructive Software
The focus of this threat advisory is on a recently reported destructive payload by Microsoft MSTIC under the name of WhisperGate. We break down the different components and functions of how this payload works and provide a series of detections to mitigate and defend against this threat.

Security
7 Minute Read
Approaching Linux Post-Exploitation with Splunk Attack Range
An introduction to linux post exploitation simulation and threat detection using Splunk Attack Range and linux Sysmon.

Security
3 Minute Read
Refined User Experience, New Executive Visibility, and Enhanced Cloud Monitoring with Splunk Enterprise Security 7.0
Check out the latest Security Analytics enhancements to Splunk Enterprise Security with our latest 7.0 release.

Security
9 Minute Read
Detecting Malware Script Loaders using Remcos: Threat Research Release December 2021
Start detection against behaviors and TTPs from a Remcos loader that utilizes DynamicWrapperX (dynwrapx.dll) to execute shellcode and inject Remcos RAT into the target process.