Security Blogs

We are pleased to announce a new Partner Experience – capture the flag (CTF) on-demand challenges, built by Splunk technology partner Dragos, running in Splunk, hosted on the BOTS platform and available for free!

Splunk's new research report, The State of Security 2022, shares a closer look into the challenges that security organizations face and the strategies they're relying on.

Dive in as the Splunk Threat Research Team shares how Mimikatz, and a few other tools found in Atomic Red Team, access credentials via LSASS memory.

Risk-Based Alerting (RBA) is an intelligent alerting method with SIEM for security operations to operationalize cyber security frameworks like MITRE ATT&CK, Lockheed Martin's Killchain, or CIS20.

Get a breakdown of the features of the new malicious payload used against Ukraine, CaddyWiper.

In this February 2022 release, the Splunk Threat Research Team (STRT) focused on comparing currently created living off the land security content with Sigma and the LOLBas project.

The Splunk Threat Research Team shares a closer look at a new malicious payload named DoubleZero Destructor (CERT-UA #4243).

Check out our Splunk security experts' curated list of presentations, white papers, and customer case studies that we feel are worth a read in the month of March.

With the release of SURGe's new ransomware research, Splunker Shannon Davis shares a closer look into measuring how fast ransomware encrypts files.