Security

Security

Splunk SOAR Playbooks: GCP Unusual Service Account Usage

In this new Splunk SOAR Playbook, we'll show how a Splunk Enterprise search can trigger automated enrichment, an analyst prompt, and rapid response actions to prevent damage caused by malicious account access.

Security

Super Speed with Phantom Slash Commands

Splunker Olivia Courtney shares a walkthrough of what you can do with the power of Phantom Slash Commands to investigate Splunk Phantom events.

Security

Detecting Password Spraying Attacks: Threat Research Release May 2021

The Splunk Threat Research team walks you through a new analytic story to help SOC analysts detect adversaries executing password spraying attacks, and highlights a few detections from the May 2021 releases.

Security

Tales of a Principal Threat Intelligence Analyst

Discover how threat intelligence can offer valuable insights to help fend off future attacks, no matter how covert or cunning they appear to be.

Security

EO, EO, It’s Off to Work We Go! (Protecting Against the Threat of Ransomware with Splunk)

We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in-depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.

Security

Understanding Splunk Phantom’s Join Logic

Have you ever built complex playbooks and tested them, only to find that they halted execution mid-stream? That’s probably because of your ‘join’ settings – read on to learn more.

ALL TAGS

Security

Show All Tags
Show Less Tags