Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Enhancing SOC Efficiency with OCSF & Splunk Enterprise Security
As threat volumes grow and environments become more complex, standardized, high-fidelity telemetry is no longer a luxury–it’s a necessity.
Splunk Security Content for Threat Detection & Response: September Recap
Splunk's September ESCU update: New security content & analytics for robust threat detection. Covers Cisco ASA, ArcaneDoor, diverse malware, and Office365 Copilot activity.
Security Staff Picks To Read This Month, Handpicked by Splunk Experts
Our Splunk security experts share their favorite reads of the month so you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler
As of Splunk Enterprise 10.0, mTLS is now supported across 10 essential communication paths in your deployment—from forwarders and HTTP Event Collector (HEC) to clustered search heads and indexers.
Uniting for Collective Defence: How Splunk and ASD Are Strengthening National Cyber Resilience Through CTIS
In response to the evolving cyber threat environment, the Australian Government has taken proactive steps to strengthen national cyber defences.
2025 Worldwide BOTS Day
After a successful launch of BOTS at .conf25, we’re ready to take it to the masses with two worldwide BOTS10 competitions.
From Prompt to Payload: LAMEHUG’s LLM-Driven Cyber Intrusion
The Splunk Threat Research Team analyzes the LAMEHUG malware, examining its tactics and techniques to provide insights that can help SOC analysts and blue teamers identify and respond.
Building a Cross-Functional Remote Employment Fraud Response Team
In this blog, Splunkers Jonathan Heckinger and Brian Starrs cover the most complex aspect of REF risk: what to do after you find it.
Going Beyond Today’s Asset and Risk Intelligence: What’s New in Splunk ARI 1.2
With the improvements within Splunk’s ARI 1.2, organizations can further improve aligning their vulnerabilities, misconfigurations, and threat activity with the business value of each asset.
Strengthen SOC Defenses with Native UEBA in Splunk Enterprise Security
Splunk's enhanced UEBA capability, now natively available in ES, empowers SOCs to transition from reactive, fragmented workflows to a proactive, behavior-driven security posture.
Splunk Enterprise Security: Built to Empower Every SOC Analyst
Announcing a transformative update to Splunk Enterprise Security (ES) with 8.2: An AI-powered SecOps platform designed to unify and accelerate threat detection, investigation, and response (TDIR) in one seamless experience.
Operationalize ESCU Detections Featuring Onboarding Assistant
Master operationalizing Splunk ESCU detections in Splunk Enterprise Security using the Onboarding Assistant.
Splunk Security Content for Threat Detection & Response: August Recap
Learn about the latest security content from Splunk.
Static Tundra Analysis & CVE-2018-0171 Detection Guide
Protect your network from Static Tundra's exploitation of CVE-2018-0171 Cisco Smart Install vulnerability. Get comprehensive analysis & Splunk detection guidance.
Splunk Security Content for Threat Detection & Response: August 2025 Update
Learn about the latest security content from Splunk.
Picture Paints a Thousand Codes: Dissecting Image-Based Steganography in a .NET (Quasar) RAT Loader
Uncover how to identify malicious executable loaders that use steganography to deliver payloads such as Quasar RAT.
Detecting Suspicious ESXi Activity Before Ransomware Happens
Learn to detect suspicious activity using Splunk, including log ingestion, common indicators, and comprehensive detection strategies for VMware ESXi environments.
Obey My Logs! AI-Powered Compromised Credential Detection
Splunker Shannon Davis shares a closer look into how to detect compromised credentials with AI-powered PLoB.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
