Splunk Security Content for Threat Detection & Response: August Recap

Security Splunk Threat Research Team

In August, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security Content Update (ESCU) app (v5.11.0, v5.12.0, v5.13.0). With these releases, there are 8 new analytics and 32 new analytic stories now available in Splunk Enterprise Security via the ESCU application update process.

Content highlights include:

This demo video showcases Xworm attacks and Splunk detections finding the different ways it executes on an OS.

Related Articles

Predicting Cyber Fraud Through Real-World Events: Insights from Domain Registration Trends
Security
12 Minute Read

Predicting Cyber Fraud Through Real-World Events: Insights from Domain Registration Trends

By analyzing new domain registrations around major real-world events, researchers show how fraud campaigns take shape early, helping defenders spot threats before scams surface.
Don’t boil the ocean: A technologist’s take on prioritisation in sustainability
Security
5 Minute Read

Don’t boil the ocean: A technologist’s take on prioritisation in sustainability

Even if manufacturing isn’t close to your heart, you’d have to be pretty cold not to care about sustainability in 2023. Let's get a technologist’s take on prioritisation in sustainability.
Boss of the SOC 2.0 Dataset, Questions and Answers Open-Sourced and Ready for Download
Security
2 Minute Read

Boss of the SOC 2.0 Dataset, Questions and Answers Open-Sourced and Ready for Download

You asked, we delivered – Boss of the SOC 2.0 has been open sourced, including dataset, questions, answers and even a scoring server update!