Security Blogs
Latest Articles
AcidPour Wiper Malware: Threat Analysis and Detections
The Splunk Threat Research Team provides an analysis of AcidPour and how to use Splunk’s out-of-the-box security content to help defend against this wiper malware.
How Splunk SOAR is Helping Organizations Achieve a More Resilient Approach to Security
We worked with Peerspot to capture some of the ways customers have found success while using Splunk SOAR as part of their security stack.
Splunk Security Content for Impact Assessment of CrowdStrike Windows Outage
This blog is intended to help existing Splunk customers who are also customers of CrowdStrike gain visibility into how the CrowdStrike outage may be impacting their organizations.
Splunk at Black Hat 2024: Strategic Transformations to Power the SOC of the Future
At Black Hat 2024, Splunk will demonstrate how we’re empowering security teams to embrace strategic transformations and navigate the complex threat landscape.
Breaking Down Linux.Gomir: Understanding this Backdoor’s TTPs
The Splunk Threat Research Team provides an analysis of Linux.Gomir to help security analysts, blue teamers and Splunk customers defend against this threat.
Woken by Ransomware, Are We Hypnotized by Tunnel Vision?
Splunker Ronald Beiboer examines if ransomware has blinded us to the more invisible attacks and how cybersecurity can help.
Introducing ShellSweepPlus: Open-Source Web Shell Detection
Detect web shells easily with ShellSweepPlus, an open-source tool for detecting potential web shells. Learn how ShellSweepPlus works and how to use it here.
regreSSHion: Uncovering CVE-2024-6387 in OpenSSH - A Critical Vulnerability
CVE-2024-6387, aka "regreSSHion", exposes Linux environments to remote unauthenticated code execution. Learn how to handle this CVE here.
Splunk Ranked Number 1 in the 2024 Gartner® Critical Capabilities for Security Information and Event Management
Splunk was ranked as the #1 SIEM solution in all three Use Cases in the 2024 Gartner® Critical Capabilities for Security Information and Event Management report.
The Geometry of Fraud Detection
Splunker Nimish Doshi shares statistical ways to find outliers and visualizes what they would look like if using virtual area or virtual volume as geometric representations to find them.
Staff Picks for Splunk Security Reading June 2024
Welcome to the June Splunk staff picks blog, featuring a list of presentations, whitepapers, and customer case studies that our Splunk Security experts feel are worth a read.
Zipf's Law and Fraud Detection
Splunker Nimish Doshi breaks down Zipf’s Law to look for possible indicators of fraud.
Safe Passage: Seamless Transition Path for IBM QRadar Customers
The SOC is where it all goes down and where dedicated SecOps teams work tirelessly to protect every digital corner of an organization.
Reduce False Alerts – Automatically!
Splunker Xiao Lin explains the 'False Positive Suppression Model,' now in the UBA tool.
LNK or Swim: Analysis & Simulation of Recent LNK Phishing
LNK files are a common starting point for many phishing campaigns. Read on to strengthen your defenses against these LNK file phishing attacks.
Deploy, Test, Monitor: Mastering Microsoft AppLocker, Part 2
Leverage the power of Splunk to ingest, visualize, and analyze AppLocker events, enabling you to gain valuable insights and strengthen your organization's security posture.
Deploy, Test, Monitor: Mastering Microsoft AppLocker, Part 1
The Splunk Threat Research Team provides a comprehensive overview of AppLocker and guidance for getting started with AppLocker policies
Security Insights: Detecting CVE-2024-4040 Exploitation in CrushFTP
The Splunk Threat Research Team explores how Splunk can help you identify and investigate CVE-2024-4040 exploitation in your CrushFTP environment.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
