Security Blogs

Splunk and DTEX Systems have partnered to offer an integrated solution that captures, analyzes and streams a single, noise-free endpoint data signal.

The Splunk Threat Research Team recently began evaluating ways to generate security content using native Windows event logging regarding PowerShell Script Block Logging to assist enterprise defenders in finding malicious PowerShell scripts.

TruSTAR, acquired by Splunk, recently spoke with Alvin Mills, TBA’s Vice President of Information Technology and Security to learn why the organization selected TruSTAR as its intelligence management platform for data-centric security automation.

Adversaries are using PowerShell attacks, but luckily the Splunk Threat Research Team (STRT) has developed PowerShell analytics for Splunk by using the Splunk Attack Range to collect the generated logs, and hunt for suspicious PowerShell.

These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!

We recently spoke with Brian Hinze, NCU-ISAO Vice President, Member Services and Operations, to learn more about why NCU-ISAO chose TruSTAR for intelligence management, and how member organizations are using TruSTAR for information sharing and collaboration.

Wondering how to prevent alert fatigue and turnover within your cyber team? Learn how Splunk can help Cyber professionals with a more efficient way to view, assess, and prioritize system alerts before devoting time to investigations.

We all know Splunk’s data platform is capable of delivering incredible analytics and insights at scale, but how do we tie that power with all of the security content and premium solutions for security that Splunk provides? I thought it would be a good idea to jot some thoughts down about some common high level security use cases becauseI get asked this question so much.

According to 451 Research’s Voice of the Enterprise survey data, 64% say integration and correlation of threat intelligence is very important when selecting a SIEM vendor. Learn where Splunk Enterprise Security can give you actionable insights.