Skip to main content
false

Security Blogs

Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.

Latest Articles

Security 3 Min Read

Macro ATT&CK for a TTP Snack

Splunk's Mick Baccio and Ryan Fetterman explore 2024's macro-level cyber incident trends through the lens of the MITRE ATT&CK framework.
Security 3 Min Read

Introducing Splunk Attack Range v3.1

The Splunk Threat Research Team is happy to release v3.1 of Splunk Attack Range.
Security 3 Min Read

Vulnerability Prioritization Is a Treat for Defenders

There have been numerous high-profile cybersecurity incidents where vulnerability management had an impact on severe breaches – here are some notable examples.
Security 14 Min Read

PowerShell Web Access: Your Network's Backdoor in Plain Sight

The Splunk Threat Research Teams dives deep into PowerShell Web Access (PSWA) exploring its functionality within the context of cyber threats.
Security 2 Min Read

Splunk SOAR Moves Closer to IRAP Assessment for Australian Customers

We're pleased to announce that Splunk SOAR is currently undergoing the IRAP assessment process.
Security 2 Min Read

Splunk is Nurturing Tomorrow’s Cybersecurity Leaders Today

The Splunk Academic Alliance program combines education with practical skills development to prepare the next generation of data and cybersecurity professionals.
Security 6 Min Read

Macro-ATT&CK 2024: A Five-Year Perspective

Splunk’s Ryan Fetterman and Tamara Chacon dive into attacker techniques, trends, and blue team tips for analyzing and visualizing data from the past year.
Security 3 Min Read

Cybersecurity Awareness Is Not Just for Spooky Season

As October marks Cybersecurity Awareness Month, Splunker Mick Baccio reflects on the progress made over the past two decades.
Security 11 Min Read

My CUPS Runneth Over (with CVEs)

This blog dissects the technical intricacies of the CUPS vulnerability, explores its potential impact on affected systems, and provides detection opportunities and mitigation strategies.
Security 11 Min Read

A Case Study in Vulnerability Prioritization: Lessons Learned from Large-Scale Incidents

Splunker Audra Streetman provides an overview of the lessons learned from previous large-scale security incidents to help inform vulnerability prioritization.
Security 5 Min Read

Splunk SOAR Evolved: A Unified TDIR Approach to Automation

Splunk SOAR 6.3.0 and 6.3.1 constitute a significant evolution in how security practitioners can implement, use, and leverage security automation in the SOC more efficiently.
Security 1 Min Read

Splunk Named a Leader in the 2024 IDC MarketScape for SIEM for Enterprise

Splunk is ranked #1 for the fourth year in a row in the IDC Worldwide Security Information and Event Management Market Shares, 2023: The Leaders in SIEM City report!
Security 2 Min Read

Celebrating 2024 Worldwide BOTS Day

After a successful launch of BOTS at .conf24, we’re ready to take it to the masses with two worldwide BOTSv9 competitions.
Security 17 Min Read

Handala’s Wiper: Threat Analysis and Detections

Cisco Talos and the Splunk Threat Research Team provide a comprehensive analysis that expands on existing coverage of Handala's Wiper and offers unique insights.
Security 13 Min Read

ShrinkLocker Malware: Abusing BitLocker to Lock Your Data

The Splunk Threat Research Team shares their findings and methodologies to aid the cybersecurity community in combating ShrinkLocker effectively.
Security 8 Min Read

The Final Shell: Introducing ShellSweepX

The Splunk Threat Research Team is excited to announce the final tool in the ShellSweep collection: ShellSweepX.
Security 12 Min Read

Previous Security Content Roundups from the Splunk Threat Research Team (STRT)

Recap: Learn about the last four quarters of security content from the Splunk Threat Research Team.
Security 3 Min Read

The New & Improved Splunk Guide to Risk-Based Alerting

Splunker Haylee Mills shares a brand new version of the step-by-step guide to success with the risk-based alerting framework.