Security Blogs

Splunk's Kirsty Paine shares best practices from a roundtable held at Gartner Security & Risk Management Summit 2023.

Learn about the logic loops feature introduced in Splunk SOAR version 6.2 and how you can implement them in your own use cases and playbooks.

Splunk Security supports your journey to digital resilience by providing comprehensive security visibility to reduce business risk; equipping your team with risk-based threat detection, investigation, and response technologies to help you build a modern SOC; and fueling security innovation through Splunk’s vibrant community.

The Splunk Threat Research Team (STRT) unravels the mystery of a PlugX variant, peeling back the layers of its payload, tactics, and impact on the digital realm.

OMB M-21-31 requires US Federal Civilian agencies to implement user behavior monitoring. We'll explain what that means and how to do it right.

Get insights from a recent roundtable discussion in collaboration with CIO magazine. The talk focused on the dual challenge faced by IT and security managers: mitigating risks associated with AI while leveraging AI to enhance organizational capability.

Got some parsed fields that you're ready to analyze... possibly for threat hunting? We'll use Levenshtein, Shannon & URL Toolbox to show you how!

One of the most popular Splunk security apps of all time, URL Toolbox’s URL parsing capabilities have been leveraged by thousands. Full story here.

Splunker Michael Haag dives into Subject Interface Packages (SIPs) and their role in Windows security, exploring how SIPs can be exploited by malicious actors to bypass security measures and sign malicious code.