false
Splunk Blogs
Splunk Blogs
Splunk Blogs
Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 4 Min Read

Splunk SOAR Playbooks: GCP Unusual Service Account Usage
In this new Splunk SOAR Playbook, we'll show how a Splunk Enterprise search can trigger automated enrichment, an analyst prompt, and rapid response actions to prevent damage caused by malicious account access.
Security 2 Min Read

Super Speed with Phantom Slash Commands
Splunker Olivia Courtney shares a walkthrough of what you can do with the power of Phantom Slash Commands to investigate Splunk Phantom events.
Security 5 Min Read

Detecting Password Spraying Attacks: Threat Research Release May 2021
The Splunk Threat Research team walks you through a new analytic story to help SOC analysts detect adversaries executing password spraying attacks, and highlights a few detections from the May 2021 releases.
Security 3 Min Read

Tales of a Principal Threat Intelligence Analyst
Discover how threat intelligence can offer valuable insights to help fend off future attacks, no matter how covert or cunning they appear to be.
Security 4 Min Read

A Deeper Dive into TruSTAR Intel Workflows
Learn about TruSTAR's API 2.0, featuring TruSTAR Intel Workflows. This blog post provides a look at some technical aspects of the Indicator Prioritization Intel Workflow.
Security 10 Min Read

EO, EO, It’s Off to Work We Go! (Protecting Against the Threat of Ransomware with Splunk)
We read the 'What We Urge You To Do To Protect Against The Threat of Ransomware' memo and Executive Order (EO14028) in-depth, and this blog is designed to provide you with the information and takeaways to start acting immediately.
Security 1 Min Read

Understanding Splunk Phantom’s Join Logic
Have you ever built complex playbooks and tested them, only to find that they halted execution mid-stream? That’s probably because of your ‘join’ settings – read on to learn more.
Security 2 Min Read

Easily Automate Across Your AWS Environments with Splunk Phantom
Splunk Phantom now has the flexibility to let you easily manage your AWS environment across hundreds or thousands of accounts – read on to learn more.
Security 5 Min Read

Partner Spotlight: IT-ISAC Members Automate and Simplify Intelligence Sharing with TruSTAR
We recently interviewed IT-ISAC Executive Director Scott Algeier to discuss why the organization chose to partner with TruSTAR, and the benefits its members are experiencing using TruSTAR to simplify integrations, automate data flows and make intel more actionable.
Security 2 Min Read

Staff Picks for Splunk Security Reading May 2021
Check out the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read.
Security 8 Min Read

Advanced Link Analysis, Part 3 - Visualizing Trillion Events, One Insight at a Time
Learn how to get actionable insights from large datasets using link analysis in the third installment of our Advanced Link Analysis series, showcasing the interactive visualization of advanced link analysis with Splunk partner, SigBay.
Security 2 Min Read

SOAR in Seconds with Splunk Feature Overviews
Get a quick overview of Splunk's SOAR tool, Splunk Phantom, and the main features within.
Security 4 Min Read

TruSTAR Intel Workflows Series: 3 Stages of the Prioritized Indicator Intel Workflow
This blog series explains our motivations for building this feature, how it works, and how users can better inform security operations. In this section, we dive into the three stages of the Prioritized Indicator Intel Workflow.
Security 1 Min Read

Little Code, Big Impact: Easily Scale your Security Automation with Splunk SOAR
Discover how our latest revision of Splunk Phantom’s 'custom functions' make playbook creation and execution faster and easier than ever with the ability to create shareable custom code across playbooks while introducing complex data objects into the playbook execution path.
Security 6 Min Read

DarkSide Ransomware: Splunk Threat Update and Detections
Splunk Threat Research Team (STRT) replicated the DarkSide Ransomware Attack and has released an Analytic Story with several detection searches directed at community shared IOCs.
Security 3 Min Read

Presidential Executive Order: “Collect and Preserve” Incident Data. Is this the Catalyst for Cybersecurity’s Black Box?
President Biden’s Executive Order (EO) on Improving the Nation’s Cybersecurity defines a solid path forward for the Federal government and its suppliers to address systemic problems in defending cyberspace.
Security 8 Min Read

The DarkSide of the Ransomware Pipeline
Learn about the Colonial Pipeline ransomware attack and how you can start detecting and remediating DarkSide's activities and attack using Splunk.
Security 3 Min Read

A Threat As Old As The Internet: Why We Still Care About Malware (And Why You Should Too)
Splunk's CISO Yassir Abousselham dives into why — as IT and security leaders — we need to come up with comprehensive strategies to specifically mitigate malware attacks.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Privacy
Sitemap
Cookies / Do not sell or share my personal data
Website Terms of Use
Modern Slavery

© 2005 - 2025 Splunk LLC All rights reserved.