Security Blogs

The blog explains how STRT develops Splunk Security Content, aiding detection engineering and threat research teams to efficiently detect and respond to potential threats, using ESCU App amidst growing security incidents and system complexity.

Details on hypothesis-driven threat hunting with the PEAK framework.

In our last RBA blog post, we talked about some of the problems RBA can help solve. In this post, we explain the methodology we use with Splunk customers as their security teams start working with RBA.

The Splunk Machine Learning for Security (SMLS) team introduces a new detection to detect DNS Tunneling using DNS TXT payloads.

Here are 7 questions you should always ask to help your organisation to make the best possible purchase and increase its cyber resilience at the same time.

As AI / Machine Learning (ML) systems now support millions of daily users, has our understanding of the relevant security risks kept pace with this wild rate of adoption?

Hello, everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read. We hope you enjoy.

Splunk's Paul Agbabian shares a look back at the key developments and enhancements to the Open Cybersecurity Schema Framework (OCSF) since its launch in August 2022.

The Splunk Threat Research Team shares their findings on the Linux-targeted destructive payload AwfulShred.