Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Hunting for Threats in VPCFlows
This article will look at native AWS network telemetry — VPCFlows. We’ll explore what it is, how you can ingest it, and what value it provides from a security perspective.
XWorm's Shape-Shifting Arsenal: Loader and Stager Variants in the Wild
Explore XWorm's shape-shifting tactics, evolution, and persistence, and how Splunk helps detect this RAT.
Machine Learning in Splunk Enterprise Security: Unleashing Hidden Detection Power
Discover how Splunk Enterprise Security 8.0 revamps machine learning, spots hidden threats, simplifies anomaly detection, and turbocharges your SOC.
Splunk Attack Analyzer Introduces Built-in Translation and Achieves SOC 2 Compliance
Splunk Attack Analyzer enhances threat analysis with built-in email/document translation and achieves SOC 2 compliance.
Introducing Splunk Attack Range v4.0
Splunk Attack Range v4.0 empowers security teams to build detections & emulate adversaries.
Behind the Curtain: Detecting Remote Employment Fraud Inside Your Organization
Detect Remote Employment Fraud using Splunk Enterprise Security with actionable detection strategies to identify and respond to fraudulent activity.
Splunk Named a Leader in The Forrester Wave™: Security Analytics Platforms, Q2 2025
Splunk has been named a Leader in The Forrester Wave: Security Analytics Platforms, Q2 2025.
Defending at Machine Speed: Guiding LLMs with Security Context
Enhance LLM performance for cybersecurity tasks with few-shot learning, RAG, & fine-tuning guide models for accurate PowerShell classification.
Splunk Security Content for Threat Detection & Response: May Recap
There are 13 new analytics and 4 new analytic stories now available in Splunk Enterprise Security via the ESCU application update process.
Innovations in Splunk Security Expands Unified TDIR Experience to On-Premises and FedRamp Moderate Environments
Announcing the general availability of Splunk Enterprise Security 8.1, bringing unified TDIR workflows fueled by automation to both customer managed deployments and FedRAMP Moderate environments
From Instinct to Insight: Why Metrics Are Essential to Threat Hunting Success
Splunker Tamara Chacon explores why metrics are critical to threat hunting success.
Securing the Network Edge: Cisco Secure Firewall Threat Defense Detections for Splunk
Enhance your network security with Cisco Firepower Threat Defense and Splunk using out-of-the-box detections developed by Splunk's Threat Research Team.
Enter the SOC of the Future in Splunk’s State of Security 2025
Splunk's State of Security 2025: The Stronger, Smarter SOC of the Future reveals the insights, aspirations, and challenges of security leaders.
Key Findings From a Recent Study on Data Management in the Modern Security Operations Center
Learn about cloud storage preferences, data cost challenges, and best practices for optimizing your SOC's security posture and cost efficiency.
Breaking Down Termite Ransomware: Infection Methods and Detections
Deep dive into Termite ransomware: Discover its infection methods, targeted vulnerabilities (like Cleo's CVE-2024-50623), and Splunk security detections.
Imposters at the Gate: Spotting Remote Employment Fraud Before It Crosses the Wire
Remote Employment Fraud actors don’t steal credentials—they’re issued them. This blog explores early detection and why security can’t face this threat alone.
Australia Is Investing in Resilience – Are Businesses Ready?
Splunker Craig Bates explains why the most immediate — and underestimated — consequence of disruption isn’t always data loss. It’s downtime.
Cloak and Firewall: Exposing Netsh’s Hidden Command Tricks
Learn about hidden Netsh command tricks, detection methods, and Splunk security detections to protect your Windows systems.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
