Splunk Security Content for Threat Detection & Response: October Recap

Security Splunk Threat Research Team

In October, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app (v5.16, v5.17). With these releases, there are 37 new analytics and 11 new analytic stories now available in Splunk Enterprise Security via the ESCU application update process.

Content highlights include:

For all our tools and security content, please visit research.splunk.com.

Related Articles

Top 3 Market Trends for SOAR Solutions
Security
3 Minute Read

Top 3 Market Trends for SOAR Solutions

Lear more about the general market trends for SOAR, investment recommendations, and how Splunk Phantom aligns with Gartner’s vision for SOAR.
Using the Lookup Command for Threat Hunting (Lookup Before You Go-Go)
Security
4 Minute Read

Using the Lookup Command for Threat Hunting (Lookup Before You Go-Go)

Lookup commands are basically the #1 place to start any threat hunt in Splunk. Get the expert directions here.
Threat Update: Cyclops Blink
Security
6 Minute Read

Threat Update: Cyclops Blink

The Splunk Threat Research Team shares the latest on the payload named Cyclops Blink, which seems to target Customer Premise Equipment devices (CPE) generally prevalent in commercial and residential locations enabling internet connectivity.