Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Stitching Notables Together with Event Sequencing
Event Sequencing can take multiple notable events that are created from correlation searches and present them to the analysts as a set of linked notable events and help prioritize response when these chain of events occur.
it-sa 2019 - Germany on alert at Europe’s leading trade fair for IT security
Splunk went to it-sa 2019 - Europe's leading trade fair for IT security. We share our highlights of the event.
Splunk BOTS 4.0: A New Hope
From the basics, to new data, to registration information, discover all you need to know about Splunk BOTS 4.0 at .conf19.
Which of Gartner’s 2019 Top 7 Security and Risk Management Trends Are Impacting Your Business?
In this 3-part series, we take a closer look into Gartner's trends and share how you can address these issues.
Which of Gartner’s 2019 Top 7 Security and Risk Management Trends Are Impacting Your Business? - Part II
Part 2 of our 3-part blog series, in which we take a closer look into Gartner Security and Risk Trends 2019 and give you suggestions on how to address them.
Which of Gartner’s 2019 Top 7 Security and Risk Management Trends Are Impacting Your Business? - Part III
Last and final part of our 3-part blog series in which we review Gartner's Security and Risk Trends 2019 and give advise on how to tackle them.
New: Machine Learning in Splunk Enterprise Security Content Update
Use machine learning techniques to identify outliers in security-related data with a new probability-density function algorithm in Splunk's Machine Learning Toolkit (MLTK)
Monitor for, Investigate, and Respond to Phishing Payloads with Splunk Enterprise Security Content Update
Detect, investigate, and defend signs of phishing payloads in your environment with Splunk Enterprise Security Content Update (ESCU)
Boss of the SOC (BOTS) Advanced APT Hunting Companion App: Now Available on Splunkbase
If you want to learn more about threat hunting with Splunk, this app in conjunction with the BOTSv2 data set is just the answer!
Threat Intel and Splunk Enterprise Security Part 2 - Adding Local Intel to Enterprise Security
Splunker John Stoner shares a walkthrough for how to add local threat intelligence into Splunk Enterprise Security
Boss of the SOC 2.0 Dataset, Questions and Answers Open-Sourced and Ready for Download
You asked, we delivered – Boss of the SOC 2.0 has been open sourced, including dataset, questions, answers and even a scoring server update!
SIEM: The Steps Before "The First Steps"
Laying the groundwork before taking those first crucial steps towards the best SIEM for your business
Wire Data, Huh! What Is It Good For? Absolutely Everything, Say It Again Now!
A brief overview of wire data, its uses and sources, and the new Splunk Essentials for Wire Data app
Modifying the Incident Review Page
How to modify the Incident Review page and add information to Notable Events in Splunk Enterprise Security
ATT&CK-ing the Adversary: Episode 3 – Operationalizing ATT&CK with Splunk
In the final episode in the MITRE ATT&CK trilogy, we focus on applying what we learned and operationalizing it with ATT&CK to assist our security operations
ATT&CK-ing the Adversary: Episode 2 - Hunting with ATT&CK in Splunk
Using MITRE ATT&CK to focus your threat hunting in Splunk
| datamodel Endpoint
Discover what's new in Splunk Common Information Model (CIM) 4.12
Shifting Mindsets: Modernizing the Security Operations Center
How to go from an 'old school' to a 'new school' defender
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
