Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Unveiling Splunk UBA 5.3: Power and Precision in One Package
Splunk celebrates the launch of User Behavior Analytics (UBA) 5.3, introducing the 20 Node XL cluster, innovative Splunk UBA models, and essential system and security upgrades.
That Was Easy! Manage Lookup Files and Backups With the Splunk App for Lookup File Editing
The 4.0.1 release of the App for Lookup File Editing helps users mitigate issues with new features such as a backup size limit and dashboards for tracking backup size.
Making Sense of the New SEC Cybersecurity Rules and What They Could Mean for Your Company
The United States Securities and Exchange Commission’s (SEC) July 26 approval of new cybersecurity 'incident' disclosure rules is top of mind for every public company, and understanding what it means and how companies will be held accountable is crucial.
Open Cybersecurity Schema Framework (OCSF) Takes Flight with v1.0 Schema Release
The Open Cybersecurity Schema Framework (OCSF) celebrates its first anniversary with the launch of a new open data schema.
BOTS at .conf23 Wrap Up and Worldwide BOTS Day!
After four hours, 56 New Wave songs, a make-your-own donut bar, and a ton of fun, BOTS v8 made its successful debut at .conf23
Using the Lookup Command for Threat Hunting (Lookup Before You Go-Go)
Lookup commands are basically the #1 place to start any threat hunt in Splunk. Get the expert directions here.
Measuring Hunting Success with PEAK
Splunker David Bianco explains how an effective threat hunting program is one of the best ways to drive positive change across an organization’s entire security posture.
Heading to Black Hat? Splunk’s Countdown Is On
Join Splunk at Black Hat 2023 to explore Splunk Attack Analyzer, SURGe research on Chrome browser extension risks, and the latest detection engineering tools from the Splunk Threat Research Team.
Staff Picks for Splunk Security Reading July 2023
Welcome to the July 2023 edition of our Splunk staff picks blog, featuring a list of presentations, whitepapers, and customer case studies that we feel are worth a read.
Turning Hunts Into Detections with PEAK
In this post, we’re going to look at something the PEAK framework refers to as the Hierarchy of Detection Outputs.
Amadey Threat Analysis and Detections
The Splunk Threat Research Team shares a deep-dive analysis of the Amadey Trojan Stealer, an active and prominent malware that first emerged on the cybersecurity landscape in 2018 and has maintained a persistent botnet infrastructure ever since.
Splunk SOAR Playbook of the Month: Threat Hunting with Playbooks
For this month’s edition of Playbook of the Month, we’ll look at how you can use Splunk SOAR’s Hunting playbook to perform threat hunting activities at machine speed.
DevSecOps is Here! Developers and SREs, Meet the SOC Team.
As organizations strive to enhance the cyber resilience of their operations, the scope of SOC teams is expanding beyond traditional enterprise IT. Find out more in this blog.
Baseline Hunting with the PEAK Framework
Splunker David Bianco provides an in-depth look at baseline hunts, also known as Exploratory Data Analysis (EDA) hunts.
Machine Learning in Security: Detect DNS Data Exfiltration Using Deep Learning
This blog discusses in detail about detecting DNS data exfiltration attacks using deep learning
Peeping Through Windows (Logs): Using Sysmon & Event Codes for Threat Hunting
Windows and endpoints go together like threat hunting and Splunk. Let's look at the most valuable Sysmon event codes for threat hunting in Splunk.
UK TSA Regulations: SOC Teams, Get Ready!
The UK Telecommunications Security Act (TSA) compliance is coming and will be a new challenge for SOC teams. Splunk security evangelist Matthias Maier takes a closer look at requirements and shares an end-to-end use case as an example.
Staff Picks for Splunk Security Reading June 2023
Hello, everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
