Security Blogs

Wondering how to prevent alert fatigue and turnover within your cyber team? Learn how Splunk can help Cyber professionals with a more efficient way to view, assess, and prioritize system alerts before devoting time to investigations.

We all know Splunk’s data platform is capable of delivering incredible analytics and insights at scale, but how do we tie that power with all of the security content and premium solutions for security that Splunk provides? I thought it would be a good idea to jot some thoughts down about some common high level security use cases becauseI get asked this question so much.

According to 451 Research’s Voice of the Enterprise survey data, 64% say integration and correlation of threat intelligence is very important when selecting a SIEM vendor. Learn where Splunk Enterprise Security can give you actionable insights.

Learn how to leverage the real-world and simulated attack data that Splunk's Threat Research team collected to use machine learning to discover attack activity and identify how to transform insights into detections.

If you haven’t heard the news, Splunk Phantom is now Splunk SOAR – available both on-prem and in the cloud. Read on to find out what that means for you.

The Splunk Threat Research Team (STRT) has detected the resurface of a Crypto Botnet using Telegram, a widely used messaging application that can create bots and execute code remotely. Learn more about the indicators of the botnet operation and use our pre-built and tested detections to find them in your environment.

The Splunk Threat Research Team (STRT) addressed Trickbot in the July release. Trickbot is a very popular crimeware carrier (Trojan) associated with current campaigns.

These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!

In this blog, the Splunk Threat Research team will show you how to use Splunk Attack Range to simulate cyber attacks from the Conti Ransomware group. It will also have pre-built detections that you can use to detect them in your environment.