Security Blogs

Splunk wins four PeerSpot Tech Leader awards in the SIEM and SOAR categories. A special thanks goes out to all the reviewers who shared their Splunk experience.

Introducing new capabilities that deliver an improved workflow experience for simplified investigations; enhanced visibility and reduced manual workload; and customized investigation workflows for faster decision-making.

Our Splunk security experts curated their September 2023 list of presentations, whitepapers, and customer case studies that we feel are worth a read.

SURGe reviews the latest attacker trends and behaviors with this look at four years of ATT&CK data from some of the largest and most trusted threat reporting sources.

The Splunk Threat Research Team provides a deep-dive analysis of Ave Maria RAT, also known as 'Warzone RAT.'

Splunk's Threat Research Team delves into the attack's components, usage of tools like Mockbin and headless browsers, and provides guidance on detecting such activities.

Behold the power of metadata and tstats commands! These commands will quickly provide situational awareness of your hosts and sourcetypes as you begin hunting.

The stats command is a crucial capability when you’re threat hunting. And so are two related commands: eventstats & streamstats. Get all the details, right here.

Explore applied model-assisted threat hunting for dictionary-based domain generation algorithms using the SURGe Security Research Team's PEAK Threat Hunting Framework.