Security Blogs

Security 3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.

Latest Articles

Security 3 Min Read

What You Need to Know About Boss of the SOC

We introduced a new security activity at .conf2016 called “Boss of the SOC” (or BOTS), born from our belief that learning can be both realistic and fun.
Security 1 Min Read

The GDPR: Ready for the wakeup call from your Data Privacy Officer?

How machine data can help organisations prepare for GDPR and support their compliance programmes
Security 2 Min Read

Why Detection and Response Holds the Key to Data Protection

Enterprises are changing security spending strategies and moving away from prevention-only to focus on threat detection and response
Security 1 Min Read

Playbook: Risk-Based Domain Blocking

This playbook uses domain reputation from DomainTools to risk score a domain. It also uses OpenDNS to enforce security policy and block access to the domain.
Security 3 Min Read

A Day in the Life of a Phantom Security Solutions Architect

We sit down with Frank Scholl, a Phantom Security Solutions Architect, to learn how his role enables customer success with security automation.
Security 2 Min Read

Evaluating an SA&O Platform’s Security

One of the most important aspects to consider when evaluating a security automation and orchestration platform is the inherent security features it offers.
Security 2 Min Read

Playbook: Malicious Insider Containment

The example Phantom Playbook below provides an automated response plan for the malicious insider.
Security 2 Min Read

What hygiene has to do with security: Infosec17 Recap

In a wrap-up of Infosecurity Europe 2017, Matthias Maier shares the topics, trends and big win of the week.
Security 4 Min Read

Gain insights from Cloud Services using the latest version of Splunk Enterprise Security 4.7

Latest version of Splunk ES introduces key enhancement to improve investigation efficiency and provides insight from common SaaS apps.
Security 3 Min Read

Find the Ultimate Truth in the Wire. Even the most granular logs are not enough to be the truth

About the values of wired data embraced by Splunk SIEM technology, what it will bring to the future of SIEM.
Security 7 Min Read

Steering Clear of the “WannaCry” or “Wanna Decryptor” Ransomware Attack

The detection and prevention of ransomware and other data-destructive malware continues to be one of the most critical cybersecurity priorities in 2017
Security 3 Min Read

Selecting the Right Skills for Your SA&O Project (Part 2 of 2)

This article provides a high-level overview of the skills that you will need to build a great SA&O solution that really helps your security operations people.
Security 1 Min Read

Strengthen Your Organization's Security Posture with the Splunk Blog

The Splunk blog is your go-to resource for learning how to use Splunk to improve your organization’s cybersecurity. Dive in with a few of our most popular posts on the topic.
Security 8 Min Read

Splunk and Tensorflow for Security: Catching the Fraudster with Behavior Biometrics

Raising the barrier for fraudsters and attackers: how to leverage Splunk and Deep Learning frameworks to discover Behavior Biometrics patterns within user activities
Security 2 Min Read

Punycode phishers - All you need to know

Unicode domains can be used for homograph attacks. Learn what they are and how users can be tricked.
Security 2 Min Read

Use Advanced Threat Detection to Find the Next Shamoon Attack Before It Finds You

Splunker Girish Bhat explains how to use an analytics-driven SIEM solution to detect advanced persistent threats.