Security Blogs
Latest Articles

CI/CD Detection Engineering: Splunk's Attack Range, Part 2
In part 2 of our 3-part series, we walk you through how to use Splunk Security-Content, Attack Range and CircleCI to do detection development, continuous testing and deployment as a workflow in your SOC.

CI/CD Detection Engineering: Splunk's Security Content, Part 1
This blog is part 1 of a 3-part series that includes a step-by-step walk-through of how to use Splunk Security-Content, Attack Range and CircleCI to do detection development, continuous testing, and deployment as a workflow in your security operations center.

Nation-State Espionage Targeting COVID-19 Vaccine Development Firms - The Actions Security Teams Need To Take Now!
The UK NCSC published an advisory report that threat group APT29 most recently targeted organizations involved in COVID-19 vaccine development and testing. Find out if your organization is affected and which actions you need to take now.

The Next 12 Months - Where IT Leaders Anticipate Spending More Time On
IDG’s recent “State of the CIO” survey across IT leaders has revealed the impact of COVID-19 on IT organizations and the sudden and unforeseen shifts of their initial 2020 plans.

Approaching Kubernetes Security — Detecting Kubernetes Scan with Splunk
Approaching Kubernetes security. Detect and investigate Kubernetes cluster scan and fingerprinting using Splunk.

Splunk Attack Range Now With Caldera and Kali Linux
An overview of the updates the Splunk Security Research Team has been working on for Splunk Attack Range, now with the Caldera adversary emulation framework and Kali Linux.

Integrating COVID (or Any) Threat Indicators with MISP and Splunk Enterprise Security
Integrating MISP servers with the Enterprise Security Threat Intelligence framework.

Asset & Identity for Splunk Enterprise Security - Part 3: Empowering Analysts with More Attributes in Notables
This is part three in a three-part series on the Asset & Identity framework in Splunk Enterprise Security, focusing on providing additional visibility and context to analysts within a notable event.

Asset & Identity for Splunk Enterprise Security - Part 2: Adding Additional Attributes to Assets
This is part two in a three-part series on the Asset & Identity framework in Splunk Enterprise Security, focusing on adding additional fields or attributes to further contextualize the systems being monitored.