Security Blogs

Latest Articles

Active Directory Lateral Movement Detection: Threat Research Release, November 2021
Security
12 Minute Read

The Splunk Threat Research Team recently updated the Active Directory Lateral Movement analytic story to help security operations center (SOC) analysts detect adversaries executing these techniques within Windows Active Directory (AD) environments.

Log4Shell - Detecting Log4j 2 RCE Using Splunk
Security
9 Minute Read

A serious remote code execution (RCE) vulnerability (CVE-2021-44228) in the popular open source Apache Log4j logging library poses a threat to thousands of applications and third-party services that leverage this library. From Splunk SURGe, learn how you can detect Log4j 2 RCE using Splunk.

Splunk For OT Security: Perimeter And Vulnerability Evolution
Security
6 Minute Read

This blog focuses on the latest enhancements to Splunk's OT Security Add-on, highlighting key features and improvements made in version 2.1.