Security Blogs

Learn how to get actionable insights from large datasets using link analysis in the third installment of our Advanced Link Analysis series, showcasing the interactive visualization of advanced link analysis with Splunk partner, SigBay.

Get a quick overview of Splunk's SOAR tool, Splunk Phantom, and the main features within.

This blog series explains our motivations for building this feature, how it works, and how users can better inform security operations. In this section, we dive into the three stages of the Prioritized Indicator Intel Workflow.

Discover how our latest revision of Splunk Phantom’s 'custom functions' make playbook creation and execution faster and easier than ever with the ability to create shareable custom code across playbooks while introducing complex data objects into the playbook execution path.

Splunk Threat Research Team (STRT) replicated the DarkSide Ransomware Attack and has released an Analytic Story with several detection searches directed at community shared IOCs.

President Biden’s Executive Order (EO) on Improving the Nation’s Cybersecurity defines a solid path forward for the Federal government and its suppliers to address systemic problems in defending cyberspace.

Splunk's CISO Yassir Abousselham dives into why — as IT and security leaders — we need to come up with comprehensive strategies to specifically mitigate malware attacks.

Welcome to Splunk’s Threat Hunter Intelligence Report, a monthly series brought to you by Splunk’s threat hunting and intelligence (THI) team sharing the latest cybersecurity threats and trends to help organizations stay one step ahead of adversaries, one report at a time.

Learn about the Colonial Pipeline ransomware attack and how you can start detecting and remediating DarkSide's activities and attack using Splunk.