Security Blogs

Splunker Olivia Courtney shares a walkthrough of what you can do with the power of Phantom Slash Commands to investigate Splunk Phantom events.

The Splunk Threat Research team walks you through a new analytic story to help SOC analysts detect adversaries executing password spraying attacks, and highlights a few detections from the May 2021 releases.

Learn about TruSTAR's API 2.0, featuring TruSTAR Intel Workflows. This blog post provides a look at some technical aspects of the Indicator Prioritization Intel Workflow.

Discover how threat intelligence can offer valuable insights to help fend off future attacks, no matter how covert or cunning they appear to be.

We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in-depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.

Have you ever built complex playbooks and tested them, only to find that they halted execution mid-stream? That’s probably because of your ‘join’ settings – read on to learn more.

Splunk Phantom now has the flexibility to let you easily manage your AWS environment across hundreds or thousands of accounts – read on to learn more.

We recently interviewed IT-ISAC Executive Director Scott Algeier to discuss why the organization chose to partner with TruSTAR, and the benefits its members are experiencing using TruSTAR to simplify integrations, automate data flows and make intel more actionable.

Check out the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read.