Security Blogs

Splunk is proud to announce the general availability of Splunk Enterprise Security (ES) Premier for cloud customers.

Learn how to secure Model Context Protocol (MCP) servers using the Splunk MCP TA.

Learn how to use TOTAL-REPLAY to replay Splunk Attack Data logs. Validate detections, tune analytics, and map to MITRE ATT&CK without a full attack lab.

UEBA excels at identifying small deviations in user and device behavior across authentication, data access, data movement, and privilege usage.

The Splunk Threat Research Team walks through the lab setup, Splunk data ingestion, and initial exploration of Tetragon logs to establish our foundation.

In January, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security Content Update (ESCU) app (v5.20).

The Hardening Project is a community-driven competition sponsored by industries, academia and government agencies, dedicated to maximizing the value of defensive technology. Splunk joined forces with Cisco, standing together as "One Team" to protect what matters most.

Learn to bridge AI’s statistical breadth with human depth. Master AI literacy, effective prompting, and responsible use to turn AI predictions into meaningful insights.

Discover common TTPs across RATs and info-stealers. Learn how the Splunk Threat Research Team uses MITRE ATT&CK to identify malware patterns and improve defense.