Security Blogs
Latest Articles

Follina for Protocol Handlers
The Splunk Threat Research Team shares how to identify protocol handlers on an endpoint, different ways to simulate adversary tradecraft that utilizes a protocol handler, and a piece of inspiring hunting content to help defenders identify protocol handlers being used in their environment.

Americas' BOTS Day '22
With less than a month to go before Americas' BOTS Day '22, we thought it would be the perfect time to explain what’s happening and how the day will go.

AppLocker Rules as Defense Evasion: Complete Analysis
The Splunk Threat Research Team analyzes 'Azorult loader' (a payload that imports its own AppLocker rules) to understand the tactics and techniques that may help defend against these types of threats.

Staff Picks for Splunk Security Reading August 2022
Check out the latest staff picks from our Splunk security experts, featuring a list of presentations, whitepapers, and customer case studies that we feel are worth a read.

Introducing the Ransomware Content Browser
Learn more about the Ransomware Content Browser recently released inside Splunk Security Essentials, aimed at helping customers combat the problem of ransomware.

Splunk Announces Participation in the Open Cybersecurity Schema Framework (OCSF) Project
Announcing our participation as a co-founder of the new public Open Cybersecurity Schema Framework (OCSF) open-source project at Black Hat 2022.

Security Made Stronger with Splunk User Behavior Analytics (UBA) Version 5.1
Announcing the availability of User Behavior Analytics (UBA) version 5.1.

Staff Picks for Splunk Security Reading July 2022
Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, whitepapers, and customer case studies that we feel are worth a read.

ML Detection of Risky Command Exploit
Discover how to use machine learning algorithms to develop methods for detecting misuse or abuse of risky SPL commands to further pinpoint a true security threat.