Security Blogs

UEBA excels at identifying small deviations in user and device behavior across authentication, data access, data movement, and privilege usage.

The Splunk Threat Research Team walks through the lab setup, Splunk data ingestion, and initial exploration of Tetragon logs to establish our foundation.

In January, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security Content Update (ESCU) app (v5.20).

The Hardening Project is a community-driven competition sponsored by industries, academia and government agencies, dedicated to maximizing the value of defensive technology. Splunk joined forces with Cisco, standing together as "One Team" to protect what matters most.

Learn to bridge AI’s statistical breadth with human depth. Master AI literacy, effective prompting, and responsible use to turn AI predictions into meaningful insights.

Discover common TTPs across RATs and info-stealers. Learn how the Splunk Threat Research Team uses MITRE ATT&CK to identify malware patterns and improve defense.

Protect your software supply chain from npm attacks. Learn to use Package-Inferno and npm-threat-emulation for deep analysis and detection with Splunk SPL.

End SOC analyst fatigue with Splunk Enterprise Security. Discover how unified TDIR, Agentic AI, and automation transform security operations, streamline investigations, and empower your team.

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security Content Update (ESCU) app.