Security Blogs

In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.

In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.

The Splunk Threat Research Team has swiftly developed Splunk analytics and hunting queries, helping defenders quickly adapt and respond to emerging threats CVE-2023-46804 and CVE-2024-21887.

A sample hypothesis-driven hunt, using SURGe's PEAK threat hunting framework, looking for unauthorized cryptominers.

Splunk is excited about AI, but we're keeping our boots on the ground as we partner with customers to leverage AI to improve efficiency while continuing the essentials via Splunk’s platform.

The Splunk Threat Research Team (STRT) provides a deep dive analysis of the DarkGate malware and its use of AutoIt.

Splunk introduces ShellSweep, a suite of utilities designed to detect and combat malicious web shells in servers.

Discover insights from the Splunk Threat Research Team on Microsoft 365 threat detection, focusing on data source analysis and effective methods for hunting initial access threats.

Explore the differences between OT security and IT security, delving into industry-specific challenges and solutions, with insights into the Purdue Model and how Splunk can help.