Security Blogs
Latest Articles

Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later…
Even if you haven’t uncovered Microsoft Exchange Vulnerabilities and malicious behavior, it is important to continue monitoring, particularly as more actors look to leverage these vulnerabilities for their own purposes.

Visual Link Analysis with Splunk: Part 4 - How is this Pudding Connected?
Starting with a single piece of data, use Splunk link analysis functionality to find related links going multiple levels down.

Splunk for OT Security V2: SOAR and More
OT attacks are on the rise, as we've seen from the Oldsmar water facility attack. The Splunk IoT, Manufacturing and Energy team has been hard at work improving Splunk for OT Security to help secure your environment.

Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Learn about the latest emerging threats, such as Cloud Federated Credential Abuse and Cobalt Strike, where bad actors are abusing credential privileges in cloud environments to gain unauthorized access.

Building a Superstar SOC with Automation and Standardization
Splunker Kelly Huang explains the how and why of standardizing your team's security processes to build a superstar SOC.

Detecting HAFNIUM Exchange Server Zero-Day Activity in Splunk
This blog discusses how to detect HAFNIUM activity around the recent CVEs released affecting Exchange Server using Splunk and Splunk Enterprise Security.

From the SecOps Kitchen: Why Operators of Essential Services Need to Prepare Now
How can you be agile and map technical security activities back to the overall goal to reduce the business risk and become cyber resilient while being sensitive to costs and FTE needs at the same time? Find out more in this article.

Stories of Cyber Defense Collaboration: Trustworthy Accountability Group (TAG)
Nicole Perlroth's new book, This is How They Tell Me the World Ends, details our past and troubling trajectory in cyberspace. It is a terrific and sobering read for both the initiated and uninitiated in information security. This doom-and-gloom title prompts the need for a blog series focusing on slivers of success in defending cyberspace that can propagate as best practices.

Automating With Splunk Phantom: How Norlys Does It
Learn why Denmark’s largest power, utility and telecommunications company turned to Splunk Phantom, Splunk’s security orchestration, automation and response (SOAR) technology, to automate manual workflows, repetitive tasks and difficult-to-maintain processes.