Security Blogs

Latest Articles

Using metadata & tstats for Threat Hunting
Security
4 Minute Read

Using metadata & tstats for Threat Hunting

Behold the power of metadata and tstats commands! These commands will quickly provide situational awareness of your hosts and sourcetypes as you begin hunting.
Using stats, eventstats & streamstats for Threat Hunting…Stat!
Security
5 Minute Read

Using stats, eventstats & streamstats for Threat Hunting…Stat!

The stats command is a crucial capability when you’re threat hunting. And so are two related commands: eventstats & streamstats. Get all the details, right here.
Threat Hunting for Dictionary-DGA with PEAK
Security
6 Minute Read

Threat Hunting for Dictionary-DGA with PEAK

Explore applied model-assisted threat hunting for dictionary-based domain generation algorithms using the SURGe Security Research Team's PEAK Threat Hunting Framework.
Deep Learning in Security: Text-based Phishing Email Detection with BERT Model
Security
4 Minute Read

Deep Learning in Security: Text-based Phishing Email Detection with BERT Model

We introduced a large language model (LLM)-based phishing email detector integrated into the Splunk DSDL app. We provide details on model training and evaluation, comparisons to other machine learning and deep learning algorithms as well as deployment approaches to Splunk in this blog.
Sharing is Not Caring: Hunting for Network Share Discovery
Security
9 Minute Read

Sharing is Not Caring: Hunting for Network Share Discovery

This post offers a practical guide to enhancing detection strategies against network share discovery, a technique often used by threat actors.
Staff Picks for Splunk Security Reading August 2023
Security
4 Minute Read

Staff Picks for Splunk Security Reading August 2023

Splunk security experts share a list of presentations, whitepapers, and customer case studies from August 2023 that they feel are worth a read.
Splunk Security Use Cases
Security
2 Minute Read

Splunk Security Use Cases

Key Threat Hunting Deliverables with PEAK
Security
4 Minute Read

Key Threat Hunting Deliverables with PEAK

When most people think of threat hunting, they think of uncovering unknown threats – but that is only one of many (better) reasons to show value with threat hunting.
Unified Strategies Across IT and Security for Cutting-Edge Detection, Investigation and Response
Security
4 Minute Read

Unified Strategies Across IT and Security for Cutting-Edge Detection, Investigation and Response

Splunk's Mike Horn shares a closer look at the value of a unified approach to security and observability.