Security Blogs

Splunk's CISO Yassir Abousselham dives into why — as IT and security leaders — we need to come up with comprehensive strategies to specifically mitigate malware attacks.

Welcome to Splunk’s Threat Hunter Intelligence Report, a monthly series brought to you by Splunk’s threat hunting and intelligence (THI) team sharing the latest cybersecurity threats and trends to help organizations stay one step ahead of adversaries, one report at a time.

Learn about the Colonial Pipeline ransomware attack and how you can start detecting and remediating DarkSide's activities and attack using Splunk.

We recently introduced TruSTAR Intel Workflows.This blog series explains our motivations for building this feature, how it works, and how users can better inform security operations. This is Part 2: How TruSTAR Intel Workflows Work.

Splunk's heading to RSAC 2021, are you? Take a peak at our upcoming sessions and don't forget to tune into our CEO Doug Merritt's keynote when he takes the RSAC main stage.

This playbook focuses specifically on domain names contained in the ingested email, and it uses Cisco Umbrella Investigate to add the risk score, risk status, and domain category to the event in Splunk SOAR.

What do baseball and cybersecurity have in common? Nothing, at first glance. But, take a deeper look and you can see the glaring similarities. That's because cybersecurity is going through its Moneyball transformation right now. Read this blog post to learn more.

Discover how the Splunk Threat Research Team focused their research efforts on Clop Ransomware detections to help organizations detect abnormal behavior faster before it becomes detrimental.

TruSTAR recently introduced API 2.O featuring TruSTAR Intel Workflows. This blog series will explain our motivations for building this feature, how it works, and how users can better inform security operations.