false
Splunk Blogs
Splunk Blogs
Splunk Blogs
Security Blogs
Security
3 Min Read

Fortify Digital Resilience with Splunk + Cisco Talos Incident Response
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
splunk-blogs-image

Latest Articles

Security 5 Min Read

Modifying the Incident Review Page
How to modify the Incident Review page and add information to Notable Events in Splunk Enterprise Security
Security 4 Min Read

ATT&CK-ing the Adversary: Episode 3 – Operationalizing ATT&CK with Splunk
In the final episode in the MITRE ATT&CK trilogy, we focus on applying what we learned and operationalizing it with ATT&CK to assist our security operations
Security 5 Min Read

ATT&CK-ing the Adversary: Episode 2 - Hunting with ATT&CK in Splunk
Using MITRE ATT&CK to focus your threat hunting in Splunk
Security 4 Min Read

| datamodel Endpoint
Discover what's new in Splunk Common Information Model (CIM) 4.12
Security 1 Min Read

Shifting Mindsets: Modernizing the Security Operations Center
How to go from an 'old school' to a 'new school' defender
Security 2 Min Read

“Are We Secure?” Lessons Learned From The CISO Of A Leading Saudi Bank
A Splunk customer's presentation at Gartner’s 2018 Security Risk and Management Summit
Security 6 Min Read

Go With the Flow - Network Telemetry (VPC Data) in AWS
This blog post describes how to use VPC data from AWS in Splunk to hunt hunt hunt!
Security 5 Min Read

CloudTrail - Digital Breadcrumbs for AWS
This blog post reviews AWS cloudtrail as a security logging source and how to hunt in it
Security 1 Min Read

Three Questions For Empowering Security: From Gartner’s Risk and Security Management Summit Europe
Key takeaways from this year's Gartner Risk and Security Management Summit Europe
Security 3 Min Read

I Azure You, This Will Be Useful
This blog post describes how to use Azure Active directory for basic hunting and discovery
Security 2 Min Read

What Keeps the CISO Awake at Night? Four Dreaded Security Headlines
Would your organization's security team be prepared if these headlines appear in tomorrow's news?
Security 3 Min Read

Domestic Intelligence Service of the Federal Republic of Germany Warns About Cyber Attacks
What's happened, how to investigate if you've been affected and what you should do next.
Security 2 Min Read

Knowledge is Power: Guidance from ICO and NCSC on GDPR Security Outcomes
The GDPR learnings are ongoing - are you keeping up?
Security 3 Min Read

Boss of the SOC (BOTS) Investigation Workshop for Splunk
You've played BOTS with Splunk, now learn the how it all happened? This post discusses a new tutorial app that you can run on the BOTS v1 dataset to learn more about BOTS and have an educational workshop at home (or office)
Security 2 Min Read

Boss of the SOC Scoring Server, Questions and Answers, and Dataset! Open-Sourced and Ready for Download
We have open-sourced the Boss of the SOC dataset (ver1.0) and BOT(S|N) scoring server. They can be used to run your own CTF, perform research, or train your internal users!
Security 1 Min Read

Strengthen Your SIEM And Be Ready For The GDPR
When facing the GDPR, your SIEM solution can be a great support for your organisation's compliance strategy, but if not strengthened - it can also be your downfall.
Security 2 Min Read

Use Investigation Workbench to Reduce Time to Contain and Time to Remediate
The latest version of Splunk Enterprise Security v 5.0 introduces Investigation Workbench, which streamlines investigations and accelerates incident response
Security 8 Min Read

Ensuring Success with Splunk ITSI - Part 1: Thresholding Basics
Practical step-by-step guidance to configure ITSI to produce accurate and trusted alerts
Legal
Privacy
Sitemap
Cookies / Do not sell or share my personal data
Website Terms of Use
Modern Slavery

© 2005 - 2025 Splunk LLC All rights reserved.