Security Blogs
Latest Articles

Orchestrate Framework Controls to Support Security Operations with Splunk SOAR
Learn more about how to identify use cases for automation and dive deeper into the five steps of designing security workflows around framework regulations

How to Marie Kondo Your Incident Response with Case Management & Foundational Security Procedures
Learn how successful security teams “Marie Kondo” their security operations, cleaning up their “visible mess” to identify the true source of “disorder” (the cyber attack itself).

Only the Paranoid Survive, Recast for Cybersecurity
At TruSTAR, we want to highlight stories of success in defending cyberspace that can propagate as best practices. Read more about human dependencies, technical challenges and defining data to be shared.

Detecting Microsoft Exchange Vulnerabilities - 0 + 8 Days Later…
Even if you haven’t uncovered Microsoft Exchange Vulnerabilities and malicious behavior, it is important to continue monitoring, particularly as more actors look to leverage these vulnerabilities for their own purposes.

Visual Link Analysis with Splunk: Part 4 - How is this Pudding Connected?
Starting with a single piece of data, use Splunk link analysis functionality to find related links going multiple levels down.

Splunk for OT Security V2: SOAR and More
OT attacks are on the rise, as we've seen from the Oldsmar water facility attack. The Splunk IoT, Manufacturing and Energy team has been hard at work improving Splunk for OT Security to help secure your environment.

Cloud Federated Credential Abuse & Cobalt Strike: Threat Research February 2021
Learn about the latest emerging threats, such as Cloud Federated Credential Abuse and Cobalt Strike, where bad actors are abusing credential privileges in cloud environments to gain unauthorized access.

Building a Superstar SOC with Automation and Standardization
Splunker Kelly Huang explains the how and why of standardizing your team's security processes to build a superstar SOC.

Detecting HAFNIUM Exchange Server Zero-Day Activity in Splunk
This blog discusses how to detect HAFNIUM activity around the recent CVEs released affecting Exchange Server using Splunk and Splunk Enterprise Security.