false
Splunk Blogs
Splunk Blogs
Splunk Blogs
Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 10 Min Read

Hide Me Again: The Updated Multi-Payload .NET Steganography Loader That Includes Lokibot
An analysis on the updated .NET steganography loader delivering Lokibot malware, including evasion techniques, MITRE ATT&CK TTPs, and Splunk detections to enhance threat identification.
Security 10 Min Read

NotDoor Insights: A Closer Look at Outlook Macros and More
The Splunk Threat Research Team breaks down the NotDoor Outlook-macro backdoor linked to APT28 and shows how to detect these stealthy techniques to strengthen security coverage.
Security 3 Min Read

Splunk Security Content for Threat Detection & Response: October Recap
Stay ahead with Splunk's ESCU monthly security content updates. Find new analytics & stories for threat detection, covering malware, vulnerabilities, and threat actors.
Security 5 Min Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts
Our Splunk security experts share their favorite reads of the month so you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Security 3 Min Read

Understanding Cyber Resilience with the World Economic Forum

Discover what cyber resilience really means, and the seven areas that organisations need to invest in, to bolster their resilience. This post delves into the WEF's Cyber Resilience Compass and strategies for a proactive defence.
Security 1 Min Read

Splunk Ranked Number 1 in the 2025 Gartner® Critical Capabilities for Security Information and Event Management Use Cases
Splunk has been ranked as the #1 SIEM solution in all three Use Cases for the second consecutive time in the 2025 Gartner® Critical Capabilities for Security Information and Event Management report.
Security 13 Min Read

The Lost Payload: MSIX Resurrection
Threat actors weaponize MSIX for malware delivery – learn about MSIX attacks, distribution, and how Splunk's MSIXBuilder helps security teams test detection safely.
Security 4 Min Read

Splunk is a Leader and Placed Highest in Execution in the Gartner® Magic Quadrant™ for SIEM

Splunk has once again been named a Leader in the 2025 Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM) — our eleventh consecutive placement.
Security 2 Min Read

Build the SOC of the Future with Splunk and Cisco
Discover how Splunk and Cisco are transforming security operations centers with unified platforms, AI-driven threat detection, and real-time visibility. Learn key insights, challenges, and strategies to build a smarter, more resilient SOC for the future.
Security 3 Min Read

Enhancing SOC Efficiency with OCSF & Splunk Enterprise Security
As threat volumes grow and environments become more complex, standardized, high-fidelity telemetry is no longer a luxury–it’s a necessity.
Security 2 Min Read

Splunk Security Content for Threat Detection & Response: September Recap
Splunk's September ESCU update: New security content & analytics for robust threat detection. Covers Cisco ASA, ArcaneDoor, diverse malware, and Office365 Copilot activity.
Security 4 Min Read

Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler
As of Splunk Enterprise 10.0, mTLS is now supported across 10 essential communication paths in your deployment—from forwarders and HTTP Event Collector (HEC) to clustered search heads and indexers.
Security 6 Min Read

Uniting for Collective Defence: How Splunk and ASD Are Strengthening National Cyber Resilience Through CTIS
In response to the evolving cyber threat environment, the Australian Government has taken proactive steps to strengthen national cyber defences.
Security 2 Min Read

2025 Worldwide BOTS Day
After a successful launch of BOTS at .conf25, we’re ready to take it to the masses with two worldwide BOTS10 competitions.
Security 10 Min Read

From Prompt to Payload: LAMEHUG’s LLM-Driven Cyber Intrusion
The Splunk Threat Research Team analyzes the LAMEHUG malware, examining its tactics and techniques to provide insights that can help SOC analysts and blue teamers identify and respond.
Security 7 Min Read

Building a Cross-Functional Remote Employment Fraud Response Team
In this blog, Splunkers Jonathan Heckinger and Brian Starrs cover the most complex aspect of REF risk: what to do after you find it.
Security 3 Min Read

Going Beyond Today’s Asset and Risk Intelligence: What’s New in Splunk ARI 1.2
With the improvements within Splunk’s ARI 1.2, organizations can further improve aligning their vulnerabilities, misconfigurations, and threat activity with the business value of each asset.
Security 4 Min Read

Strengthen SOC Defenses with Native UEBA in Splunk Enterprise Security
Splunk's enhanced UEBA capability, now natively available in ES, empowers SOCs to transition from reactive, fragmented workflows to a proactive, behavior-driven security posture.
Legal
Privacy
Sitemap
Cookies / Do not sell or share my personal data
Website Terms of Use
Modern Slavery

© 2005 - 2025 Splunk LLC All rights reserved.