Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Beyond the Patch: SharePoint Exploits and the Hidden Threat of IIS Module Persistence
The cybersecurity landscape witnessed a perfect storm in July 2025 when multiple critical SharePoint vulnerabilities collided with sophisticated IIS module-based persistence techniques, creating a nightmare scenario for enterprise defenders.
CitrixBleed 2: When Memory Leaks Become Session Hijacks
Discover how to detect, mitigate, and respond to CitrixBleed 2 (CVE-2025-5777), a critical Citrix NetScaler ADC and Gateway vulnerability exploited in the wild.
Unlocking Endpoint Network Security Insights with Cisco Network Visibility Module (NVM) and Splunk
Unlock deep endpoint network security insights by integrating Cisco NVM with Splunk.
Beyond The Click: Unveiling Fake CAPTCHA Campaigns
Learn how clipboard hijacking delivers malware and explore tools like ClickGrab & PasteEater for robust defense strategies.
Splunk @ SAPPHIRE 2025 Recap: How SAP Customers Use Splunk for World-Class Observability and Security
Splunker Keith Hontz shares a look at the Splunk highlights from SAP SAPPHIRE 2025.
Splunk Security Content for Threat Detection & Response: June Recap
Learn about the latest security content from Splunk.
When Installers Turn Evil: The Pascal Script Behind Inno Setup Malware Campaign
Uncover the Inno Setup malware campaign leveraging Pascal scripting to deliver RedLine Stealer.
Threat Hunting with TLS/SSL Certificates
TLS and SSL certificates are a great way to hunt advanced adversaries. Collect them with Splunk Stream, Bro, or Suricata and hunt in your own data!
How To Use CloudTrail Data for Security Operations & Threat Hunting
This blog post reviews AWS cloudtrail as a security logging source and how to hunt in it
Hunting with SA-Investigator & Splunk Enterprise Security (SIEM)
Discover how Splunk Enterprise Security and the SA-Investigator add-on empower analysts to streamline threat hunting and incident response. Learn how to pivot across assets, identities, and processes for deep-dive investigations and actionable insights. Happy hunting!
Hunting for Threats in VPCFlows
This article will look at native AWS network telemetry — VPCFlows. We’ll explore what it is, how you can ingest it, and what value it provides from a security perspective.
XWorm's Shape-Shifting Arsenal: Loader and Stager Variants in the Wild
Explore XWorm's shape-shifting tactics, evolution, and persistence, and how Splunk helps detect this RAT.
Machine Learning in Splunk Enterprise Security: Unleashing Hidden Detection Power
Discover how Splunk Enterprise Security 8.0 revamps machine learning, spots hidden threats, simplifies anomaly detection, and turbocharges your SOC.
Splunk Attack Analyzer Introduces Built-in Translation and Achieves SOC 2 Compliance
Splunk Attack Analyzer enhances threat analysis with built-in email/document translation and achieves SOC 2 compliance.
Security Staff Picks To Read This Month, Handpicked by Splunk Experts
Our Splunk security experts share their favorite reads of the month so you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Introducing Splunk Attack Range v4.0
Splunk Attack Range v4.0 empowers security teams to build detections & emulate adversaries.
Behind the Curtain: Detecting Remote Employment Fraud Inside Your Organization
Detect Remote Employment Fraud using Splunk Enterprise Security with actionable detection strategies to identify and respond to fraudulent activity.
Splunk Named a Leader in The Forrester Wave™: Security Analytics Platforms, Q2 2025
Splunk has been named a Leader in The Forrester Wave: Security Analytics Platforms, Q2 2025.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
