false
Splunk Blogs
Splunk Blogs
Splunk Blogs
Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 2 Min Read

Nation-State Espionage Targeting COVID-19 Vaccine Development Firms - The Actions Security Teams Need To Take Now!
The UK NCSC published an advisory report that threat group APT29 most recently targeted organizations which are involved in COVID-19 vaccines development and testing. Find out if your organization is affected and which actions you need to take now.
Security 1 Min Read

The Next 12 Months - Where IT Leaders Anticipate Spending More Time On
IDG’s recent “State of the CIO” survey across IT leaders has revealed the impact of COVID-19 on IT organizations and the sudden and unforeseen shifts of their initial 2020 plans.
Security 6 Min Read

Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk
Approaching Kubernetes security. Detect and investigate Kubernetes cluster scan and fingerprinting using Splunk.
Security 3 Min Read

Splunk Attack Range Now With Caldera and Kali Linux
An overview of the updates the Splunk Security Research Team has been working on for Splunk Attack Range, now with Caldera adversarial simulation framework and Kali Linux
Security 5 Min Read

Integrating COVID (or Any) Threat Indicators with MISP and Splunk Enterprise Security
Integrating MISP servers with Enterprise Security's Threat Intelligence framework
Security 2 Min Read

Asset & Identity for Splunk Enterprise Security - Part 3: Empowering Analysts with More Attributes in Notables

This is part three in a three part series on the Asset & Identity framework in Splunk Enterprise Security, focusing providing additional visibility and context to analysts with a notable event.
Security 4 Min Read

Asset & Identity for Splunk Enterprise Security - Part 2: Adding Additional Attributes to Assets
This is part two in a three part series on the Asset & Identity framework in Splunk Enterprise Security, focusing on adding additional field or attributes to further contextualize systems being monitored.
Security 3 Min Read

Between Two Alerts: Easy VPN Security Monitoring with Splunk Enterprise Security
It’s a whole new world we’re living in, at least for now. This little tutorial will help you stay on top of your security game while in the world of Enterprise Security.
Security 4 Min Read

Asset & Identity for Splunk Enterprise Security - Part 1: Contextualizing Systems
This is part one in a three part series on the Asset & Identity framework in Splunk Enterprise Security, focusing on gaining context on systems being monitored.
Security 7 Min Read

Use Cloud Infrastructure Data Model to Detect Container Implantation (MITRE T1525)
Using cloud infrastructure data model to detect possible container implantation (Mitre Cloud Matrix technique T1525)
Security 2 Min Read

Boss of the SOC v3 Dataset Released!
The tradition continues! We are happy to announce that the Boss of the SOC (BOTS) v3 dataset has been released under an open-source license and is available for download.
Security 2 Min Read

World Economic Forum In Davos - Growth in Global Technology Risk

Taking a look at the World Economic Forum (WEF) in Davos 2020 from a cybersecurity angle. What technology risks should we be prepared for according to the WEF?
Security 4 Min Read

Detecting CVE-2020-0601 Exploitation Attempts With Wire & Log Data
Learn two simple techniques for detecting CVE-2020-0601 exploitation attempts using Splunk
Security 4 Min Read

CVE-2020-0601 - How to operationalize the handling of vulnerabilities in your SOC
Recently the CVE-2020-0601 vulnerability was discovered by the NSA. Find out everything you need to know and how you can tackle it in this blog post.
Security 2 Min Read

Using Splunk Attack Range to Test and Detect Data Destruction (ATT&CK 1485)
Using Splunk Attack Range to test and detect Data Destruction techniques
Security 2 Min Read

Q&A Follow-Up: How Datev uses MITRE ATT&CK & Splunk in its SOC
Following our webinar with Datev on how they use MITRE ATT&CK & Splunk in its SOC, we compiled all of the questions left unanswered in this blog post. Read all of it here,
Security 5 Min Read

Stitching Notables Together with Event Sequencing
Event Sequencing can take multiple notable events that are created from correlation searches and present them to the analysts as a set of linked notable events and help prioritize response when these chain of events occur.
Security 1 Min Read

it-sa 2019 - Germany on alert at Europe’s leading trade fair for IT security
Splunk went to it-sa 2019 - Europe's leading trade fair for IT security. We share our highlights of the event.
CONTACT SPLUNK
CONTACT SPLUNK
USER REVIEWS
USER REVIEWS
SPLUNK MOBILE
Download Splunk Mobile on the apple app store
Download Splunk Mobile on the Google Play store
Legal
Privacy
Sitemap
Cookies / Do not sell or share my personal data
Website Terms of Use
Modern Slavery

© 2005 - 2025 Splunk LLC All rights reserved.