Security Blogs

See how Splunk helps teams work and collaborate securely while using Google Chrome and Google Workspace.

Check out some highlights of the new features available in Splunk Security Essentials 3.7.0.

See why Splunk earned a spot in the 'Leaders' category in the 2022 IDC MarketScape for worldwide SIEM software.

One common misconception about machine learning methodologies is that they can completely remove the need for humans to understand the data they are working with. In reality, it can often place a greater burden on an analyst or engineer to ensure that their data meets the requirements, cleanliness and standardization assumed by the methodologies used. However, when the complexity of the data becomes significant, how is a human supposed to keep up? One methodology is to use ML to find ways to keep a human in the loop!

The Splunk Machine Learning for Security team introduces a new detection to detect Domain Generation Algorithms generated domains.

The Splunk Threat Research Team shares a closer look at the telemetry available in Azure, AWS and GCP and the options teams have to ingest this data into Splunk.

This blog, the Splunk Threat Research Team (STRT) showcases a year's evolution of QakBot. We also dive into a recent change in tradecraft meant to evade security controls. Last, we reverse engineered the QakBot loader to showcase some of its functions.

We're proud to be one of the early partners of Amazon Security Lake, allowing joint Splunk and AWS customers to efficiently ingest the OCSF-compliant data to help improve threat detection, investigation and response.

We ran over 400,000 instances of malware to see how good ClamAV really is. Here's the data.