false
Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.

Latest Articles

Security 16 Min Read

When Installers Turn Evil: The Pascal Script Behind Inno Setup Malware Campaign

Uncover the Inno Setup malware campaign leveraging Pascal scripting to deliver RedLine Stealer.
Security 4 Min Read

Threat Hunting with TLS/SSL Certificates

TLS and SSL certificates are a great way to hunt advanced adversaries. Collect them with Splunk Stream, Bro, or Suricata and hunt in your own data!
Security 6 Min Read

Using CloudTrail Data for Security Operations and Threat Hunting

This blog post reviews AWS cloudtrail as a security logging source and how to hunt in it
Security 4 Min Read

Hunting with SA-Investigator & Splunk Enterprise Security (SIEM)

Discover how Splunk Enterprise Security and the SA-Investigator add-on empower analysts to streamline threat hunting and incident response. Learn how to pivot across assets, identities, and processes for deep-dive investigations and actionable insights. Happy hunting!
Security 7 Min Read

Hunting for Threats in VPCFlows

This article will look at native AWS network telemetry — VPCFlows. We’ll explore what it is, how you can ingest it, and what value it provides from a security perspective.
Security 13 Min Read

XWorm's Shape-Shifting Arsenal: Loader and Stager Variants in the Wild

Explore XWorm's shape-shifting tactics, evolution, and persistence, and how Splunk helps detect this RAT.
Security 15 Min Read

Machine Learning in Splunk Enterprise Security: Unleashing Hidden Detection Power

Discover how Splunk Enterprise Security 8.0 revamps machine learning, spots hidden threats, simplifies anomaly detection, and turbocharges your SOC.
Security 2 Min Read

Splunk Attack Analyzer Introduces Built-in Translation and Achieves SOC 2 Compliance

Splunk Attack Analyzer enhances threat analysis with built-in email/document translation and achieves SOC 2 compliance.
Security 3 Min Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts

Our Splunk security experts share their favorite reads of the month so you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Security 3 Min Read

Introducing Splunk Attack Range v4.0

Splunk Attack Range v4.0 empowers security teams to build detections & emulate adversaries.
Security 16 Min Read

Behind the Curtain: Detecting Remote Employment Fraud Inside Your Organization

Detect Remote Employment Fraud using Splunk Enterprise Security with actionable detection strategies to identify and respond to fraudulent activity.
Security 1 Min Read

Splunk Named a Leader in The Forrester Wave™: Security Analytics Platforms, Q2 2025

Splunk has been named a Leader in The Forrester Wave: Security Analytics Platforms, Q2 2025.
Security 7 Min Read

Defending at Machine Speed: Guiding LLMs with Security Context

Enhance LLM performance for cybersecurity tasks with few-shot learning, RAG, & fine-tuning guide models for accurate PowerShell classification.
Security 1 Min Read

Splunk Security Content for Threat Detection & Response: May Recap

There are 13 new analytics and 4 new analytic stories now available in Splunk Enterprise Security via the ESCU application update process.
Security 3 Min Read

Innovations in Splunk Security Expands Unified TDIR Experience to On-Premises and FedRamp Moderate Environments

Announcing the general availability of Splunk Enterprise Security 8.1, bringing unified TDIR workflows fueled by automation to both customer managed deployments and FedRAMP Moderate environments
Security 5 Min Read

From Instinct to Insight: Why Metrics Are Essential to Threat Hunting Success

Splunker Tamara Chacon explores why metrics are critical to threat hunting success.
Security 4 Min Read

Splunk Security Content for Threat Detection & Response: May 2025 Update

Learn about the latest security content from Splunk.
Security 14 Min Read

Securing the Network Edge: Cisco Secure Firewall Threat Defense Detections for Splunk

Enhance your network security with Cisco Firepower Threat Defense and Splunk using out-of-the-box detections developed by Splunk's Threat Research Team.