Security Blogs

Latest Articles

Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler
Security
4 Minute Read

Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

As of Splunk Enterprise 10.0, mTLS is now supported across 10 essential communication paths in your deployment—from forwarders and HTTP Event Collector (HEC) to clustered search heads and indexers.
Uniting for Collective Defence: How Splunk and ASD Are Strengthening National Cyber Resilience Through CTIS
Security
6 Minute Read

Uniting for Collective Defence: How Splunk and ASD Are Strengthening National Cyber Resilience Through CTIS

In response to the evolving cyber threat environment, the Australian Government has taken proactive steps to strengthen national cyber defences.
2025 Worldwide BOTS Day
Security
2 Minute Read

2025 Worldwide BOTS Day

After a successful launch of BOTS at .conf25, we’re ready to take it to the masses with two worldwide BOTS10 competitions.
Building a Cross-Functional Remote Employment Fraud Response Team
Security
7 Minute Read

Building a Cross-Functional Remote Employment Fraud Response Team

In this blog, Splunkers Jonathan Heckinger and Brian Starrs cover the most complex aspect of REF risk: what to do after you find it.
From Prompt to Payload: LAMEHUG’s LLM-Driven Cyber Intrusion
Security
10 Minute Read

From Prompt to Payload: LAMEHUG’s LLM-Driven Cyber Intrusion

The Splunk Threat Research Team analyzes the LAMEHUG malware, examining its tactics and techniques to provide insights that can help SOC analysts and blue teamers identify and respond.
Going Beyond Today’s Asset and Risk Intelligence: What’s New in Splunk ARI 1.2
Security
3 Minute Read

Going Beyond Today’s Asset and Risk Intelligence: What’s New in Splunk ARI 1.2

With the improvements within Splunk’s ARI 1.2, organizations can further improve aligning their vulnerabilities, misconfigurations, and threat activity with the business value of each asset.
Strengthen SOC Defenses with Native UEBA in Splunk Enterprise Security
Security
4 Minute Read

Strengthen SOC Defenses with Native UEBA in Splunk Enterprise Security

Splunk's enhanced UEBA capability, now natively available in ES, empowers SOCs to transition from reactive, fragmented workflows to a proactive, behavior-driven security posture.
Splunk Enterprise Security: Built to Empower Every SOC Analyst
Security
5 Minute Read

Splunk Enterprise Security: Built to Empower Every SOC Analyst

Announcing a transformative update to Splunk Enterprise Security (ES) with 8.2: An AI-powered SecOps platform designed to unify and accelerate threat detection, investigation, and response (TDIR) in one seamless experience.
Operationalize ESCU Detections Featuring Onboarding Assistant
Security
7 Minute Read

Operationalize ESCU Detections Featuring Onboarding Assistant

Master operationalizing Splunk ESCU detections in Splunk Enterprise Security using the Onboarding Assistant.