Security Blogs

The Splunk Threat Research Team shares how they utilized public research to capture Brute Ratel Badgers (agents) and create a Yara rule to help identify more on VirusTotal.

Check out the latest staff picks from Splunk security experts, featuring presentations, whitepapers, and customer case studies that we feel are worth a read.

The Splunk Threat Research Team shares a closer look at a hunting analytic and two machine learning-based detections that help find users running highly suspicious risky SPL commands.

The Splunk Threat Research Team shares how to identify protocol handlers on an endpoint, different ways to simulate adversary tradecraft that utilizes a protocol handler, and a piece of inspiring hunting content to help defenders identify protocol handlers being used in their environment.

With less than a month to go before Americas' BOTS Day '22, we thought it would be the perfect time to explain what’s happening and how the day will go.

The Splunk Threat Research Team analyzes 'Azorult loader' (a payload that imports its own AppLocker rules) to understand the tactics and techniques that may help defend against these types of threats.

Check out the latest staff picks from our Splunk security experts, featuring a list of presentations, whitepapers, and customer case studies that we feel are worth a read.

Learn more about the Ransomware Content Browser recently released inside Splunk Security Essentials, aimed at helping customers combat the problem of ransomware.

Announcing our participation as a co-founder of the new public Open Cybersecurity Schema Framework (OCSF) open-source project at Black Hat 2022.