Security Blogs

Splunker Michael Haag dives into Subject Interface Packages (SIPs) and their role in Windows security, exploring how SIPs can be exploited by malicious actors to bypass security measures and sign malicious code.

Announcing the release of Splunk SOAR 6.2 with features like logic loops for playbooks, integrations with CyberArk, two new firewall apps, and a new conversion option for classic playbooks.

Splunk security experts share their list of presentations, whitepapers, and customer case studies from November 2023 that they feel are worth a read.

This article discusses a foundational capability within Splunk — the eval command. Need to pick a couple commands for your desert island collection? eval should be one!

Another excellent tool for your threat hunting: RegEx! SPL offers two commands for utilizing regular expressions in Splunk searches. See how to do it here.

Announcing the latest on Compliance Essentials for Splunk, an essential part of your toolkit to help your organization maintain and monitor your compliance status and cyber resiliency with various frameworks.

To hunt for threats, there's a lot of data you do NOT need. Here are the 3 must-have data filtering techniques so you can hunt those threats STAT!

This blog introduces new machine learning models in Splunk UBA for VPN connection monitoring to enhance WFH security resilience.

The Splunk Threat Research Team (STRT) provides a deep-dive analysis of NjRAT (or Bladabindi), a Remote Access Trojan (RAT) discovered in 2012 that's still active today.