Registration for .conf25 is open! Join us in Boston September 8–11.
Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.

Latest Articles

Security 12 Min Read

Beyond the Patch: SharePoint Exploits and the Hidden Threat of IIS Module Persistence

The cybersecurity landscape witnessed a perfect storm in July 2025 when multiple critical SharePoint vulnerabilities collided with sophisticated IIS module-based persistence techniques, creating a nightmare scenario for enterprise defenders.
Security 10 Min Read

CitrixBleed 2: When Memory Leaks Become Session Hijacks

Discover how to detect, mitigate, and respond to CitrixBleed 2 (CVE-2025-5777), a critical Citrix NetScaler ADC and Gateway vulnerability exploited in the wild.
Security 20 Min Read

Unlocking Endpoint Network Security Insights with Cisco Network Visibility Module (NVM) and Splunk

Unlock deep endpoint network security insights by integrating Cisco NVM with Splunk.
Security 13 Min Read

Beyond The Click: Unveiling Fake CAPTCHA Campaigns

Learn how clipboard hijacking delivers malware and explore tools like ClickGrab & PasteEater for robust defense strategies.
Security 4 Min Read

Splunk @ SAPPHIRE 2025 Recap: How SAP Customers Use Splunk for World-Class Observability and Security

Splunker Keith Hontz shares a look at the Splunk highlights from SAP SAPPHIRE 2025.
Security 2 Min Read

Splunk Security Content for Threat Detection & Response: June Recap

Learn about the latest security content from Splunk.
Security 16 Min Read

When Installers Turn Evil: The Pascal Script Behind Inno Setup Malware Campaign

Uncover the Inno Setup malware campaign leveraging Pascal scripting to deliver RedLine Stealer.
Security 4 Min Read

Threat Hunting with TLS/SSL Certificates

TLS and SSL certificates are a great way to hunt advanced adversaries. Collect them with Splunk Stream, Bro, or Suricata and hunt in your own data!
Security 6 Min Read

How To Use CloudTrail Data for Security Operations & Threat Hunting

This blog post reviews AWS CloudTrail as a security logging source and how to hunt in it.
Security 4 Min Read

Hunting with SA-Investigator & Splunk Enterprise Security (SIEM)

Discover how Splunk Enterprise Security and the SA-Investigator add-on empower analysts to streamline threat hunting and incident response. Learn how to pivot across assets, identities, and processes for deep-dive investigations and actionable insights. Happy hunting!
Security 7 Min Read

Hunting for Threats in VPCFlows

This article will look at native AWS network telemetry — VPCFlows. We’ll explore what it is, how you can ingest it, and what value it provides from a security perspective.
Security 13 Min Read

XWorm's Shape-Shifting Arsenal: Loader and Stager Variants in the Wild

Explore XWorm's shape-shifting tactics, evolution, and persistence, and how Splunk helps detect this RAT.
Security 15 Min Read

Machine Learning in Splunk Enterprise Security: Unleashing Hidden Detection Power

Discover how Splunk Enterprise Security 8.0 revamps machine learning, spots hidden threats, simplifies anomaly detection, and turbocharges your SOC.
Security 2 Min Read

Splunk Attack Analyzer Introduces Built-in Translation and Achieves SOC 2 Compliance

Splunk Attack Analyzer enhances threat analysis with built-in email/document translation and achieves SOC 2 compliance.
Security 3 Min Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts

Our Splunk security experts share their favorite reads of the month so you can follow the most interesting, newsworthy, and innovative stories coming from the wide world of cybersecurity.
Security 3 Min Read

Introducing Splunk Attack Range v4.0

Splunk Attack Range v4.0 empowers security teams to build detections & emulate adversaries.
Security 16 Min Read

Behind the Curtain: Detecting Remote Employment Fraud Inside Your Organization

Detect Remote Employment Fraud using Splunk Enterprise Security with actionable detection strategies to identify and respond to fraudulent activity.
Security 1 Min Read

Splunk Named a Leader in The Forrester Wave™: Security Analytics Platforms, Q2 2025

Splunk has been named a Leader in The Forrester Wave: Security Analytics Platforms, Q2 2025.