Security Blogs

Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, white papers, and customer case studies that we feel are worth a read.

Splunk Threat Research Team simulated the Log4j vulnerabilities in the Splunk Attack Range. Using the data collected, we developed 13 new detections and 9 playbooks to help Splunk SOAR customers investigate and respond to this threat.

Good news, you can use Splunk to proactively hunt using Network Traffic and DNS query logs data sources to detect potential Log4Shell exploit. From Splunk SURGe, learn even more detections against CVE-2021-44228.

The Splunk Threat Research Team recently updated the Active Directory Lateral Movement analytic story to help security operations center (SOC) analysts detect adversaries executing these techniques within Windows Active Directory (AD) environments.

A serious remote code execution (RCE) vulnerability (CVE-2021-44228) in the popular open source Apache Log4j logging library poses a threat to thousands of applications and third-party services that leverage this library. From Splunk SURGe, learn how you can detect Log4j 2 RCE using Splunk.

This blog focuses on the latest enhancements made to Splunk's OT Security Add-on, including highlighting key features and improvements that have been made in version 2.1

Hello everyone! Welcome to the Splunk staff picks blog. Each month, Splunk security experts curate a list of presentations, white papers, and customer case studies that we feel are worth a read. We hope you enjoy.

In this post, we demonstrate how to set up effective security monitoring of your Hyperledger Fabric infrastructure. We identify some common threats, recognize key data sources to monitor, and walk through using Splunk to ingest and visualize your data.

Learn how you can secure your development security operations with pre-built and tested Splunk detections and automated playbooks.