Security

From Macros to No Macros: Continuous Malware Improvements by QakBot

This blog, the Splunk Threat Research Team (STRT) showcases a year's evolution of QakBot. We also dive into a recent change in tradecraft meant to evade security controls. Last, we reverse engineered the QakBot loader to showcase some of its functions.

Read Full Story

Security

Splunk Integrates with Amazon Security Lake to Deliver Analytics Using the Open Cybersecurity Schema Framework

We're proud to be one of the early partners of Amazon Security Lake, allowing joint Splunk and AWS customers to efficiently ingest the OCSF-compliant data to help improve threat detection, investigation and response.

Read Full Story

Security

How Good is ClamAV at Detecting Commodity Malware?

We ran over 400,000 instances of malware to see how good ClamAV really is. Here's the data.

Read Full Story

Security

Staff Picks for Splunk Security Reading November 2022

Hello, everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read. We hope you enjoy.

Read Full Story

Security

NIS2 is coming… What does it mean?

On 28th November, European Member States formally adopted the revision of the Network and Information Security Directive (NIS2) (EN, DE, FR). The Directive will enter into force before the end of the year, but will only be applicable after EU Member States transpose the Directive into national law - by September 2024. So now is the time for a heads-up about the upcoming changes and what they will mean for your cybersecurity operations.

Read Full Story

Security

Explore the Splunk SOAR Adoption Maturity Model

SOAR helps you orchestrate security workflows and automate tasks in seconds to empower your SOC, work smarter and respond faster. Increasingly, security automation is becoming seen as a milestone in maturing your security operations. And maturing security operations is something all organizations need to do, with the rising threat of attacks and threats of all kinds.

Read Full Story

Security

ALL TAGS

Tips & Tricks Observability DevOps Cloud IT Operations Splunk Enterprise .conf IT Splunk Life Splunk Enterprise Security Splunk Cloud Customers Public Sector SignalFx Security Monitoring Partners Cybersecurity Security Orchestration & Automation (SOAR) Security Analysis and Response SIEM Infrastructure Monitoring Machine Learning Splunk Apps & Add Ons Splunk4Good Security Solutions Machine Learning Toolkit Developers Leadership Artificial Intelligence Machine Learning Open Source Security Research Splunk Phantom Machine Data Advanced Threat Detection SOAR Cloud Monitoring Splunk Machine Learning Toolkit Risk Mitigation Splunk ITSI Community Incident Response AIOps Boss of the SOC AWS Splunk Observability Cloud Internet of Things Splunk Answers video Security Analytics Women in Tech Splunk UBA APAC Application Monitoring IT Service Intelligence IT Service Monitoring .conf & SplunkLive! Splunk APM Incident Investigation & Forensics Fraud Detection University Recruiting SplunkTrust Financial Services Internship IT Monitoring and Investigate Container Monitoring Global Restart webinar IT Event Analytics Compliance Thought Leadership Retail Higher Education Ransomware IT App Analytics industry events Connected Experiences Server Monitoring Data Age IT Event Management Splunk for Good Boss of the NOC Healthcare EMEA SURGe Omnition Log Management Insider Threat OpenTelemetry Modern SOC Observability Suite Preventative Maintenance & Predictive Analytics Operational Intelligence Diversity Equity & Inclusion Pricing Predictions Data Value Industrial Data Splunk RUM Communications Splunk Universal Forwarder Splunk Life ICS, OT and Industrial Security Manufacturing Splunk Mobile Splunk On Call Careers SplunkLive AMER Industry 4.0 Splunk Security Cloud whitepaper Industrial Monitoring and Diagnostics case study Splunk Insights for Infrastructure Adaptive Response Splunk Research Culture Industrial Asset Management ebook Aerospace & Defense SURGe Splunk Log Observer Splunk AR Nonprofit Veterans & Military Energy & Utilities Splunk Light Splunk IT Cloud IT Essentials Splunk Synthetic Monitoring Podcast Splunk TV Dark Data Splunk VR Awards Accenture podcast audio file Events Employee Resource Groups Splunk App for Infrastructure Splunk Insights Corporate Cisco Splunk Insights for Ransomware Splunk Insights for AWS Cloud Monitoring Splunk Industrial Asset Intelligence Splunk Ventures Remote Work Insights Splunk Cloud Gateway Data Stream Processor calculator Booz Allen Hamilton Online Services

Show All Tags

Show Less Tags

Security

From Macros to No Macros: Continuous Malware Improvements by QakBot

Splunk Integrates with Amazon Security Lake to Deliver Analytics Using the Open Cybersecurity Schema Framework

How Good is ClamAV at Detecting Commodity Malware?

Staff Picks for Splunk Security Reading November 2022

NIS2 is coming… What does it mean?

Explore the Splunk SOAR Adoption Maturity Model

This Feels Scripted: Zeek Scripting and Splunk

Inside the Mind of a ‘Rat’ - Agent Tesla Detection and Analysis

SOC, Amore Mio! Following .italo's Tracks to a More Mature SOC

DORA will accelerate cloud migration in Financial Services

Splunk Security Award-Winning Momentum in 2022