Security Blogs

The Splunk Threat Research Team shares how to identify protocol handlers on an endpoint, different ways to simulate adversary tradecraft that utilizes a protocol handler, and a piece of inspiring hunting content to help defenders identify protocol handlers being used in their environment.

With less than a month to go before Americas' BOTS Day '22, we thought it would be the perfect time to explain what’s happening and how the day will go.

The Splunk Threat Research Team analyzes 'Azorult loader' (a payload that imports its own AppLocker rules) to understand the tactics and techniques that may help defend against these types of threats.