Security Blogs

The blog explains how STRT develops Splunk Security Content, aiding detection engineering and threat research teams to efficiently detect and respond to potential threats, using ESCU App amidst growing security incidents and system complexity.

Details on hypothesis-driven threat hunting with the PEAK framework.

In our last RBA blog post, we talked about some of the problems RBA can help solve. In this post, we explain the methodology we use with Splunk customers as their security teams start working with RBA.