Security Blogs
Latest Articles
template
category
category
security
Staff Picks for Splunk Security Reading March 2024
Welcome to the March 2024 Splunk staff picks, featuring a curated list of presentations, whitepapers, and customer case studies that we feel are worth a read.
UEBA Superpowers: Detect and Eliminate Advanced Threats with Machine Learning
Splunk User Behavior Analytics (UBA) detects advanced attacks and insider threats with unsupervised machine learning.
Level Up Your Security Data Journey and MITRE ATT&CK Benchmarking with Splunk Security Essentials
Announcing the release of Splunk Security Essentials version 3.8.0, which adds maturity journey and benchmarking.
Process Hunting with PSTree
This tutorial shows how to use the pstree command & app to help you look through all the processes you have to investigate.
Elevating Security Intelligence with Splunk UBA's Machine Learning Models
Splunk UBA uses machine learning to detect evolving threats beyond rule-based approaches in SOC operations, tackling overwhelming event volumes.
Enhancing SIEM Events with Automated Threat Analysis of URLs
Splunk debuts Add-on & App for Splunk Attack Analyzer v1.1, elevating security ops via automated URL threat analysis in Splunk ES.
Detecting New Domains in Splunk (Finding New Evil)
Ready to find "new" domains that may be naughty? We'll walk you through how to use Splunk & Splunk Enterprise Security to do that: get the full story here!
Under the Hood of SnakeKeylogger: Analyzing its Loader and its Tactics, Techniques, and Procedures
In this blog, the Splunk Threat Research Team provides valuable insights to enable security analysts and blue teamers to defend and be aware of these scam tactics.
Security Insights: JetBrains TeamCity CVE-2024-27198 and CVE-2024-27199
The Splunk Threat Research Team examines exploit operations, analytics, hunting queries, and tips on capturing TeamCity logs.