Security Blogs

Discover how Splunk and Cisco are transforming security operations centers with unified platforms, AI-driven threat detection, and real-time visibility. Learn key insights, challenges, and strategies to build a smarter, more resilient SOC for the future.

As threat volumes grow and environments become more complex, standardized, high-fidelity telemetry is no longer a luxury–it’s a necessity.

Splunk's September ESCU update: New security content & analytics for robust threat detection. Covers Cisco ASA, ArcaneDoor, diverse malware, and Office365 Copilot activity.

As of Splunk Enterprise 10.0, mTLS is now supported across 10 essential communication paths in your deployment—from forwarders and HTTP Event Collector (HEC) to clustered search heads and indexers.

In response to the evolving cyber threat environment, the Australian Government has taken proactive steps to strengthen national cyber defences.

After a successful launch of BOTS at .conf25, we’re ready to take it to the masses with two worldwide BOTS10 competitions.

In this blog, Splunkers Jonathan Heckinger and Brian Starrs cover the most complex aspect of REF risk: what to do after you find it.

The Splunk Threat Research Team analyzes the LAMEHUG malware, examining its tactics and techniques to provide insights that can help SOC analysts and blue teamers identify and respond.

With the improvements within Splunk’s ARI 1.2, organizations can further improve aligning their vulnerabilities, misconfigurations, and threat activity with the business value of each asset.