Security Blogs

Modular Workbooks allow you to effortlessly adapt your security operations workflow. Learn how Splunk Phantom SOAR can help divide tasks into phases, assign responsibilities to team members, and document your work.

The Splunk Add-on for OT Security expands existing Splunk Enterprise Security frameworks to improve security visibility in OT environments for our customers, partners and community members.

In this blog, the Splunk threat research team shows how to detect suspicious activity and possible abuse of AWS Permanent and Temporary credentials.

In part 2 of our 3-part series, we walk you through how to use Splunk Security-Content, Attack Range and CircleCI to do detection development, continuous testing and deployment as a workflow in your SOC.

This blog is part 1 of a 3 part series that includes a step-by-step walk-through of how to use Splunk Security-Content, Attack Range and CircleCI to do detection development, continuous testing, and deployment as a workflow in your security operation center.

The UK NCSC published an advisory report that threat group APT29 most recently targeted organizations which are involved in COVID-19 vaccines development and testing. Find out if your organization is affected and which actions you need to take now.

IDG’s recent “State of the CIO” survey across IT leaders has revealed the impact of COVID-19 on IT organizations and the sudden and unforeseen shifts of their initial 2020 plans.

Approaching Kubernetes security. Detect and investigate Kubernetes cluster scan and fingerprinting using Splunk.

An overview of the updates the Splunk Security Research Team has been working on for Splunk Attack Range, now with Caldera adversarial simulation framework and Kali Linux